Which two actions should you perform?
You have the following environment: ✑ Azure Sentinel ✑ A Microsoft 365 subscription ✑ Microsoft Defender for Identity ✑ An Azure Active Directory (Azure AD) tenant You configure Azure Sentinel to collect security logs from all the Active Directory member servers and domain controllers. You deploy Microsoft Defender for Identity...
What should you do on the on-premises computers?
You create an Azure subscription. You enable Microsoft Defender for Cloud for the subscription. You need to use Defender for Cloud to protect on-premises computers. What should you do on the on-premises computers?A . Configure the Hybrid Runbook Worker role. B. Install the Connected Machine agent. C. Install the Log...
Which role should you assign to SecAdmin1?
You have a Microsoft 365 subscription that uses Azure Defender. You have 100 virtual machines in a resource group named RG1. You assign the Security Admin roles to a new user named SecAdmin1. You need to ensure that SecAdmin1 can apply quick fixes to the virtual machines by using Azure...
What should you do in the Azure portal?
You have two Azure subscriptions that use Microsoft Defender for Cloud. You need to ensure that specific Defender for Cloud security alerts are suppressed at the root management group level. The solution must minimize administrative effort. What should you do in the Azure portal?A . Create an Azure Policy assignment....
What should you use?
HOTSPOT You purchase a Microsoft 365 subscription. You plan to configure Microsoft Cloud App Security. You need to create a custom template-based policy that detects connections to Microsoft 365 apps that originate from a botnet network. What should you use? To answer, select the appropriate options in the answer area....
Which two features should you use?
You have an Azure subscription that uses Microsoft Sentinel. You need to minimize the administrative effort required to respond to the incidents and remediate the security threats detected by Microsoft Sentinel. Which two features should you use? Each correct answer presents part of the solution. NOTE: Each correct selection is...
What should you include in the solution?
HOTSPOT You need to implement Microsoft Defender for Cloud to meet the Microsoft Defender for Cloud requirements and the business requirements. What should you include in the solution? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. View AnswerAnswer:
What should you use?
You create a hunting query in Azure Sentinel. You need to receive a notification in the Azure portal as soon as the hunting query detects a match on the query. The solution must minimize effort. What should you use?A . a playbook B. a notebook C. a livestream D. a...
What should you do first?
You have an Azure subscription that has Microsoft Defender for Cloud enabled. You have a virtual machine that runs Windows 10 and has the Log Analytics agent installed. You need to simulate an attack on the virtual machine that will generate an alert. What should you do first?A . Run...
Which three actions should you perform?
Your company uses Microsoft Defender for Endpoint. The company has Microsoft Word documents that contain macros. The documents are used frequently on the devices of the company’s accounting team. You need to hide false positive in the Alerts queue, while maintaining the existing security posture. Which three actions should you...