- All Exams Instant Download
Which three actions should you perform in a sequence?
DRAG DROP You create a new Azure subscription and start collecting logs for Azure Monitor. You need to configure Azure Security Center to detect possible threats related to sign-ins from suspicious IP addresses to Azure virtual machines. The solution must validate the configuration. Which three actions should you perform in...
What should you configure for Server2?
You need to implement the Defender for Cloud requirements. What should you configure for Server2?A . the Microsoft Antimalware extensionB . an Azure resource lockC . an Azure resource tagD . the Azure Auto manage machine configuration extension for WindowsView AnswerAnswer: D
What should you include in the recommendation?
You need to recommend a solution to meet the technical requirements for the Azure virtual machines. What should you include in the recommendation?A . just-in-time (JIT) accessB . Azure DefenderC . Azure FirewallD . Azure Application GatewayView AnswerAnswer: B Explanation: Reference: https://docs.microsoft.com/en-us/azure/security-center/azure-defender
What should you configure first?
You need to implement the scheduled rule for incident generation based on rulequery1. What should you configure first?A . entity mappingB . custom detailsC . event groupingD . alert detailsView AnswerAnswer: D
Which four actions should you perform in sequence?
DRAG DROP You need to configure DC1 to meet the business requirements. Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. View AnswerAnswer: Explanation: Step 1: log in to...
What is a possible cause of the issue?
You have a custom analytics rule to detect threats in Azure Sentinel. You discover that the analytics rule stopped running. The rule was disabled, and the rule name has a prefix of AUTO DISABLED. What is a possible cause of the issue?A . There are connectivity issues between the data...
Which policy should you modify?
You need to modify the anomaly detection policy settings to meet the Microsoft Defender for Cloud Apps requirements and resolve the reported problem. Which policy should you modify?A . Activity from suspicious IP addressesB . Risky sign-inC . Activity from anonymous IP addressesD . Impossible travelView AnswerAnswer: D
Which two roles should assign to the analyst?
Your company deploys the following services: ✑ Microsoft Defender for Identity ✑ Microsoft Defender for Endpoint ✑ Microsoft Defender for Office 365 You need to provide a security analyst with the ability to use the Microsoft 365 security center. The analyst must be able to approve and reject pending actions...
How should you configure the query?
HOTSPOT You need to implement the query for Workbook1 and Webapp1. The solution must meet the Microsoft Sentinel requirements. How should you configure the query? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. View AnswerAnswer:
Which role should you assign to SecAdmin1?
You have a Microsoft 365 subscription that uses Azure Defender. You have 100 virtual machines in a resource group named RG1. You assign the Security Admin roles to a new user named SecAdmin1. You need to ensure that SecAdmin1 can apply quick fixes to the virtual machines by using Azure...
