What should you do?
Your company has an on-premises network that uses Microsoft Defender for Identity. The Microsoft Secure Score for the company includes a security assessment associated with unsecure Kerberos delegation. You need remediate the security risk. What should you do?A . Install the Local Administrator Password Solution (LAPS) extension on the computers...
What should you configure in the Security Center settings?
A security administrator receives email alerts from Azure Defender for activities such as potential malware uploaded to a storage account and potential successful brute force attacks. The security administrator does NOT receive email alerts for activities such as antimalware action failed and suspicious network activity. The alerts appear in Azure...
How should you complete the query?
HOTSPOT You have a Microsoft Sentinel workspace named Workspaces You configure Workspace1 to collect DNS events and deploy the Advanced Security information Model (ASIM) unifying parser for the DNS schema. You need to query the ASIM DNS schema to list all the DNS events from the last 24 hours that...
What should you use?
You create a hunting query in Azure Sentinel. You need to receive a notification in the Azure portal as soon as the hunting query detects a match on the query. The solution must minimize effort. What should you use?A . a playbook B. a notebook C. a livestream D. a...
Which three actions should you perform in sequence?
DRAG DROP You need to add notes to the events to meet the Azure Sentinel requirements. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of action to the answer area and arrange them in the correct order. View AnswerAnswer: Explanation: Graphical...
You use Azure Sentinel to monitor irregular Azure activity
HOTSPOT You use Azure Sentinel to monitor irregular Azure activity. You create custom analytics rules to detect threats as shown in the following exhibit. You do NOT define any incident settings as part of the rule definition. Use the drop-down menus to select the answer choice that completes each statement...
What should you use to create the visuals?
You have a Microsoft Sentinel workspace named workspace1 that contains custom Kusto queries. You need to create a Python-based Jupyter notebook that will create visuals. The visuals will display the results of the queries and be pinned to a dashboard. The solution must minimize development effort. What should you use...
The issue for which team can be resolved by using Microsoft Defender for Endpoint?
The issue for which team can be resolved by using Microsoft Defender for Endpoint?A . executive B. sales C. marketingView AnswerAnswer: B Explanation: Reference: https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/microsoft- defender-atp-ios
Which three actions should you perform?
Your company uses Microsoft Defender for Endpoint. The company has Microsoft Word documents that contain macros. The documents are used frequently on the devices of the company’s accounting team. You need to hide false positive in the Alerts queue, while maintaining the existing security posture. Which three actions should you...
Which data connector type should you use for each workload?
HOTSPOT You deploy Azure Sentinel. You need to implement connectors in Azure Sentinel to monitor Microsoft Teams and Linux virtual machines in Azure. The solution must minimize administrative effort. Which data connector type should you use for each workload? To answer, select the appropriate options in the answer area. NOTE:...