What should you create first?
You need to ensure that the processing of incidents generated by rulequery1 meets the Microsoft Sentinel requirements. What should you create first?
A. a playbook with an incident trigger
B. a playbook with an entity trigger
C. an Azure Automation rule
D. a playbook with an alert trigger
Answer: A
Where can you find the column name to complete the where clause?
You need to complete the query for failed sign-ins to meet the technical requirements. Where can you find the column name to complete the where clause?
A. Security alerts in Azure Security Center
B. Activity log in Azure
C. Azure Advisor
D. the query windows of the Log Analytics workspace...
Which role should you assign?
You need to assign a role-based access control (RBAC) role to admin1 to meet the Azure Sentinel requirements and the business requirements. Which role should you assign?
A. Automation Operator
B. Automation Runbook Operator
C. Azure Sentinel Contributor
D. Logic App Contributor
Answer: C
Explanation: Reference: https://docs.microsoft.com/en-us/azure/sentinel/roles
What should you create first?
Topic 3, Adatum Corporation Overview Adatum Corporation is a United States-based financial services company that has regional offices in New York, Chicago, and San Francisco. The on-premises network contains an Active Directory Domain Services (AD DS) forest named corp.adatum.com that syncs with an Azure AD tenant named adatum.com. All user...
To which service should you export the alerts?
You have an Azure subscription that has Azure Defender enabled for all supported resource types. You need to configure the continuous export of high-severity alerts to enable their retrieval from a third-party security information and event management (SIEM) solution. To which service should you export the alerts?
A. Azure Cosmos...
What should you configure to mitigate the threat?
You are responsible for responding to Azure Defender for Key Vault alerts. During an investigation of an alert, you discover unauthorized attempts to access a key vault from a Tor exit node. What should you configure to mitigate the threat?
A. Key Vault firewalls and virtual networks
B. Azure Active...
Does this meet the goal?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you...
What should you use to detect which documents are sensitive?
You have a Microsoft 365 subscription that uses Microsoft Defender for Office 365. You have Microsoft SharePoint Online sites that contain sensitive documents. The documents contain customer account numbers that each consists of 32 alphanumeric characters. You need to create a data loss prevention (DLP) policy to protect the sensitive...
Which subscription-level role should you assign to Group1?
You need to implement the Defender for Cloud requirements. Which subscription-level role should you assign to Group1?
A. Security Admin
B. Owner
C. Security Assessment Contributor
D. Contributor
Answer: B
What should you do?
HOTSPOT
You need to monitor the password resets. The solution must meet the Microsoft Sentinel requirements. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Answer: