What should you do in the Azure portal?

You have two Azure subscriptions that use Microsoft Defender for Cloud. You need to ensure that specific Defender for Cloud security alerts are suppressed at the root management group level. The solution must minimize administrative effort. What should you do in the Azure portal?A . Create an Azure Policy assignment....

May 6, 2023 No Comments READ MORE +

What should you include in the solution?

HOTSPOT You need to implement Azure Defender to meet the Azure Defender requirements and the business requirements. What should you include in the solution? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. View AnswerAnswer: Explanation: Graphical user interface, application Description...

May 6, 2023 No Comments READ MORE +

How should you complete the query?

HOTSPOT You have a Microsoft Sentinel workspace. You need to create a KQL query that will identify successful sign-ins from multiple countries during the last three hours. How should you complete the query? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one...

May 6, 2023 No Comments READ MORE +

What should you use?

A company uses Azure Sentinel. You need to create an automated threat response. What should you use?A . a data connector B. a playbook C. a workbook D. a Microsoft incident creation ruleView AnswerAnswer: B Explanation: Reference: https://docs.microsoft.com/en-us/azure/sentinel/tutorial-respond-threats-playbook

May 6, 2023 No Comments READ MORE +

What should you configure in the Security Center settings?

A security administrator receives email alerts from Azure Defender for activities such as potential malware uploaded to a storage account and potential successful brute force attacks. The security administrator does NOT receive email alerts for activities such as antimalware action failed and suspicious network activity. The alerts appear in Azure...

May 5, 2023 No Comments READ MORE +

What should you do in the Azure portal?

You have two Azure subscriptions that use Microsoft Defender for Cloud. You need to ensure that specific Defender for Cloud security alerts are suppressed at the root management group level. The solution must minimize administrative effort. What should you do in the Azure portal?A . Create an Azure Policy assignment....

May 5, 2023 No Comments READ MORE +

Which three actions should you perform in sequence?

DRAG DROP You plan to connect an external solution that will send Common Event Format (CEF) messages to Azure Sentinel. You need to deploy the log forwarder. Which three actions should you perform in sequence? To answer, move the appropriate actions form the list of actions to the answer area...

May 5, 2023 No Comments READ MORE +

What should you do in Account! first?

You need to deploy the native cloud connector to Account! to meet the Microsoft Defender for Cloud requirements. What should you do in Account! first?A . Create an AWS user for Defender for Cloud. B. Create an Access control (1AM) role for Defender for Cloud. C. Configure AWS Security Hub....

May 5, 2023 No Comments READ MORE +

How should you complete the query?

DRAG DROP You are investigating an incident by using Microsoft 365 Defender. You need to create an advanced hunting query to count failed sign-in authentications on three devices named CFOLaptop. CEOLaptop, and COOLaptop. How should you complete the query? To answer, select the appropriate options in the answer area. NOTE...

May 5, 2023 No Comments READ MORE +

How should you complete the query?

HOTSPOT You have a Microsoft 365 subscription that uses Microsoft 365 Defender and contains a user named User1. You are notified that the account of User1 is compromised. You need to review the alerts triggered on the devices to which User1 signed in. How should you complete the query? To...

May 4, 2023 No Comments READ MORE +