- All Exams Instant Download
What should do?
You have a Microsoft Sentinel workspace. You receive multiple alerts for failed sign in attempts to an account. You identify that the alerts are false positives. You need to prevent additional failed sign-in alerts from being generated for the account. The solution must meet the following requirements. • Ensure that...
Which two configurations should you modify?
Topic 2, Litware inc. Case study This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to...
The issue for which team can be resolved by using Microsoft Defender for Office 365?
The issue for which team can be resolved by using Microsoft Defender for Office 365?A . executive B. marketing C. security D. salesView AnswerAnswer: B Explanation: Reference: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/atp-for-spo-odb-and-teams? view=o365-worldwide
What should you do?
HOTSPOT You have an Azure subscription that has Azure Defender enabled for all supported resource types. You create an Azure logic app named LA1. You plan to use LA1 to automatically remediate security risks detected in Azure Security Center. You need to test LA1 in Security Center. What should you...
Does this meet the goal?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you...
Which role should you assign for each task?
DRAG DROP Your company deploys Azure Sentinel. You plan to delegate the administration of Azure Sentinel to various groups. You need to delegate the following tasks: ✑ Create and run playbooks ✑ Create workbooks and analytic rules. The solution must use the principle of least privilege. Which role should you...
What should you create in Workspace1?
You have a Microsoft Sentinel workspace named Workspaces You need to exclude a built-in. source-specific Advanced Security Information Model (ASIM) parser from a built-in unified ASIM parser. What should you create in Workspace1?A . a workbook B. a hunting query C. a watchlist D. an analytic ruleView AnswerAnswer: D Explanation:...
What are two ways to achieve this goal?
You have a Microsoft Sentinel workspace. You need to prevent a built-in Advance Security information Model (ASIM) parse from being updated automatically. What are two ways to achieve this goal? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.A . Redeploy the built-in parse...
Which four actions should you perform in sequence?
DRAG DROP You open the Cloud App Security portal as shown in the following exhibit. You need to remediate the risk for the Launchpad app. Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange...
What should you include in the recommendation?
You need to recommend a solution to meet the technical requirements for the Azure virtual machines. What should you include in the recommendation?A . just-in-time (JIT) access B. Azure Defender C. Azure Firewall D. Azure Application GatewayView AnswerAnswer: B Explanation: Reference: https://docs.microsoft.com/en-us/azure/security-center/azure-defender
