Which two configurations should you modify?
You need to restrict cloud apps running on CUENT1 to meet the Microsoft Defender for Endpoint requirements. Which two configurations should you modify? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. the Cloud Discovery settings in Microsoft Defender for Cloud Apps
B...
What should you do?
You use Azure Security Center. You receive a security alert in Security Center. You need to view recommendations to resolve the alert in Security Center. What should you do?
A. From Security alerts, select the alert, select Take Action, and then expand the Prevent future attacks section.
B. From Security...
How should you complete the query?
HOTSPOT You have a Microsoft 365 E5 subscription that uses Microsoft Defender and an Azure subscription that uses Azure Sentinel. You need to identify all the devices that contain files in emails sent by a known malicious email sender. The query will be based on the match of the SHA256...
What should you do?
HOTSPOT You need to configure the Azure Sentinel integration to meet the Azure Sentinel requirements. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Answer: Explanation: Reference: https://docs.microsoft.com/en-us/cloud-app-security/siem-sentinel
Which two roles should you assign to the analyst?
Your company deploys the following services:
✑ Microsoft Defender for Identity
✑ Microsoft Defender for Endpoint
✑ Microsoft Defender for Office 365
You need to provide a security analyst with the ability to use the Microsoft 365 security center. The analyst must be able to approve and reject pending actions...
What should you recommend for each threat?
HOTSPOT You need to recommend remediation actions for the Azure Defender alerts for Fabrikam. What should you recommend for each threat? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Answer: Explanation: Reference: https://docs.microsoft.com/en-us/azure/key-vault/general/secure-your-key-vault
What should you configure first?
You need to implement the scheduled rule for incident generation based on rulequery1. What should you configure first?
A. entity mapping
B. custom details
C. event grouping
D. alert details
Answer: D
Which two actions should you perform in Azure Sentinel?
You are configuring Azure Sentinel. You need to send a Microsoft Teams message to a channel whenever a sign-in from a suspicious IP address is detected. Which two actions should you perform in Azure Sentinel? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one...
What should you do?
HOTSPOT You have an Azure subscription that has Azure Defender enabled for all supported resource types. You create an Azure logic app named LA1. You plan to use LA1 to automatically remediate security risks detected in Azure Security Center. View the window You need to test LA1 in Security Center....
Does this meet the goal?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you...