Which two actions should you perform in Azure Sentinel?
You are configuring Azure Sentinel. You need to send a Microsoft Teams message to a channel whenever a sign-in from a suspicious IP address is detected. Which two actions should you perform in Azure Sentinel? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one...
What should you do?
HOTSPOT You have an Azure subscription that has Azure Defender enabled for all supported resource types. You create an Azure logic app named LA1. You plan to use LA1 to automatically remediate security risks detected in Azure Security Center. View the window You need to test LA1 in Security Center....
Does this meet the goal?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you...
Topic 4, Misc. Questions
Fabrikam, Inc. is a financial services company. The company has branch offices in New York, London, and Singapore. Fabrikam has remote users located across the globe. The remote users access company resources, including cloud resources, by using a VPN connection to a branch office. The network...
Which rule setting should you configure to meet the Microsoft Sentinel requirements?
Which rule setting should you configure to meet the Microsoft Sentinel requirements?
A. From Set rule logic, turn off suppression.
B. From Analytic rule details, configure the tactics.
C. From Set rule logic, map the entities.
D. From Analytic rule details, configure the severity.
Answer: C
What should you include in the recommendation?
Your company uses Azure Sentinel to manage alerts from more than 10,000 IoT devices. A security manager at the company reports that tracking security threats is increasingly difficult due to the large number of incidents. You need to recommend a solution to provide a custom visualization to simplify the investigation...
Which two configurations should you modify?
You need to restrict cloud apps running on CLIENT1 to meet the Microsoft Defender for Endpoint requirements. Which two configurations should you modify? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. the Onboarding settings from Device management in Microsoft Defender Security...
Which role should you assign to Group1?
You need to ensure that the Group1 members can meet the Microsoft Sentinel requirements. Which role should you assign to Group1?
A. Microsoft Sentinel Automation Contributor
B. Logic App Contributor
C. Automation Operator
D. Microsoft Sentinel Playbook Operator
Answer: D
What should you configure in Security Center to enable the email notifications?
Your company uses Azure Security Center and Azure Defender. The security operations team at the company informs you that it does NOT receive email notifications for security alerts. What should you configure in Security Center to enable the email notifications?
A. Security solutions
B. Security policy
C. Pricing & settings
D...
To which service should you export the alerts?
You have an Azure subscription that has Azure Defender enabled for all supported resource types. You need to configure the continuous export of high-severity alerts to enable their retrieval from a third-party security information and event management (SIEM) solution. To which service should you export the alerts?
A. Azure Cosmos...