What should you recommend for each threat?
HOTSPOT You need to recommend remediation actions for the Azure Defender alerts for Fabrikam. What should you recommend for each threat? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. View AnswerAnswer:
What should you include in the query?
You plan to create a custom Azure Sentinel query that will track anomalous Azure Active Directory (Azure AD) sign-in activity and present the activity as a time chart aggregated by day. You need to create a query that will be used to display the time chart. What should you include...
From where can you run the test in Azure Sentinel?
You have an Azure Sentinel workspace. You need to test a playbook manually in the Azure portal. From where can you run the test in Azure Sentinel?A . Playbooks B. Analytics C. Threat intelligence D. IncidentsView AnswerAnswer: D Explanation: Reference: https://docs.microsoft.com/en-us/azure/sentinel/tutorial-respond-threats-playbook#run-a- playbook-on-demand
The issue for which team can be resolved by using Microsoft Defender for Office 365?
The issue for which team can be resolved by using Microsoft Defender for Office 365?A . executive B. marketing C. security D. salesView AnswerAnswer: B Explanation: Reference: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/atp-for-spo-odb-and-teams? view=o365-worldwide
Does this meet the goal?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you...
What should you use?
You have a Microsoft 365 subscription that contains 1,000 Windows 10 devices. The devices have Microsoft Office 365 installed. You need to mitigate the following device threats: ✑ Microsoft Excel macros that download scripts from untrusted websites ✑ Users that open executable attachments in Microsoft Outlook ✑ Outlook rules and...
Which role should you assign?
You need to assign a role-based access control (RBAC) role to admin1 to meet the Azure Sentinel requirements and the business requirements. Which role should you assign?A . Automation Operator B. Automation Runbook Operator C. Azure Sentinel Contributor D. Logic App ContributorView AnswerAnswer: C Explanation: Reference: https://docs.microsoft.com/en-us/azure/sentinel/roles
What should you do?
You have a playbook in Azure Sentinel. When you trigger the playbook, it sends an email to a distribution group. You need to modify the playbook to send the email to the owner of the resource instead of the distribution group. What should you do?A . Add a parameter and...
Where can you find the column name to complete the where clause?
You need to complete the query for failed sign-ins to meet the technical requirements. Where can you find the column name to complete the where clause?A . Security alerts in Azure Security Center B. Activity log in Azure C. Azure Advisor D. the query windows of the Log Analytics workspaceView...
Does this meet the goal?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you...