What should you do?
You recently deployed Azure Sentinel. You discover that the default Fusion rule does not generate any alerts. You verify that the rule is enabled. You need to ensure that the Fusion rule can generate alerts. What should you do? A. Disable, and then enable the rule. B. Add data connectors C...
What should you include in the solution?
HOTSPOT You need to implement Microsoft Defender for Cloud to meet the Microsoft Defender for Cloud requirements and the business requirements. What should you include in the solution? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Does this meet the goal?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you...
What should you do?
You have a playbook in Azure Sentinel. When you trigger the playbook, it sends an email to a distribution group. You need to modify the playbook to send the email to the owner of the resource instead of the distribution group. What should you do? A. Add a parameter and...
How should you complete the portion of the template that will provision the required Azure resources?
HOTSPOT You need to use an Azure Resource Manager template to create a workflow automation that will trigger an automatic remediation when specific security alerts are received by Azure Security Center. How should you complete the portion of the template that will provision the required Azure resources? To answer, select...
What should you do?
HOTSPOT You have an Azure subscription that has Azure Defender enabled for all supported resource types. You create an Azure logic app named LA1. You plan to use LA1 to automatically remediate security risks detected in Azure Security Center. View the window. You need to test LA1 in Security Center....
What should you include in the query?
You plan to create a custom Azure Sentinel query that will provide a visual representation of the security alerts generated by Azure Security Center. You need to create a query that will be used to display a bar graph. What should you include in the query? A. extend B. bin C...
To which service should you export the alerts?
You have an Azure subscription that has Azure Defender enabled for all supported resource types. You need to configure the continuous export of high-severity alerts to enable their retrieval from a third-party security information and event management (SIEM) solution. To which service should you export the alerts? A. Azure Cosmos...
What should you create first?
You need to ensure that the processing of incidents generated by rulequery1 meets the Microsoft Sentinel requirements. What should you create first? A. a playbook with an incident trigger B. a playbook with an entity trigger C. an Azure Automation rule D. a playbook with an alert trigger. Answer: A
What should you create first?
Topic 3, Adatum Corporation. Overview: Adatum Corporation is a United States-based financial services company that has regional offices in New York, Chicago, and San Francisco. The on-premises network contains an Active Directory Domain Services (AD DS) forest named corp.adatum.com that syncs with an Azure AD tenant named adatum.com. All user...