Which three actions should you perform?

Your company uses Microsoft Defender for Endpoint. The company has Microsoft Word documents that contain macros. The documents are used frequently on the devices of the company’s accounting team. You need to hide false positive in the Alerts queue, while maintaining the existing security posture. Which three actions should you...

December 27, 2023 No Comments READ MORE +

Which two commands can you run to achieve the goal?

Your company uses line-of-business apps that contain Microsoft Office VBA macros. You plan to enable protection against downloading and running additional payloads from the Office VBA macros as additional child processes. You need to identify which Office VBA macros might be affected. Which two commands can you run to achieve...

December 26, 2023 No Comments READ MORE +

Which two configurations should you modify?

You need to restrict cloud apps running on CUENT1 to meet the Microsoft Defender for Endpoint requirements. Which two configurations should you modify? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.A . the Cloud Discovery settings in Microsoft Defender for Cloud AppsB...

December 25, 2023 No Comments READ MORE +

Which three actions should you perform in sequence?

DRAG DROP You need to add notes to the events to meet the Azure Sentinel requirements. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of action to the answer area and arrange them in the correct order. View AnswerAnswer: Explanation: Reference:...

December 25, 2023 No Comments READ MORE +

Does this meet the goal?

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you...

December 25, 2023 No Comments READ MORE +

How should you complete the query?

Topic 4, Misc. Questions DRAG DROP You are investigating an incident by using Microsoft 365 Defender. You need to create an advanced hunting query to detect failed sign-in authentications on three devices named CFOLaptop, CEOLaptop, and COOLaptop. How should you complete the query? To answer, select the appropriate options in...

December 25, 2023 No Comments READ MORE +

The issue for which team can be resolved by using Microsoft Defender for Office 365?

The issue for which team can be resolved by using Microsoft Defender for Office 365?A . executiveB . marketingC . securityD . salesView AnswerAnswer: B Explanation: Reference: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/atp-for-spo-odb-and-teams?view=o365-worldwide

December 25, 2023 No Comments READ MORE +

What should you configure to mitigate the threat?

You are responsible for responding to Azure Defender for Key Vault alerts. During an investigation of an alert, you discover unauthorized attempts to access a key vault from a Tor exit node. What should you configure to mitigate the threat?A . Key Vault firewalls and virtual networksB . Azure Active...

December 24, 2023 No Comments READ MORE +

How should you configure the query?

HOTSPOT You need to implement the ASIM query for DNS requests. The solution must meet the Microsoft Sentinel requirements. How should you configure the query? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. View AnswerAnswer:

December 24, 2023 No Comments READ MORE +

What should you do when you create the rule?

You need to create the test rule to meet the Azure Sentinel requirements. What should you do when you create the rule?A . From Set rule logic, turn off suppression.B . From Analytics rule details, configure the tactics.C . From Set rule logic, map the entities.D . From Analytics rule...

December 24, 2023 No Comments READ MORE +