- All Exams Instant Download
What should you include in the solution?
HOTSPOT You have an Azure subscription that uses Azure Defender. You plan to use Azure Security Center workflow automation to respond to Azure Defender threat alerts. You need to create an Azure policy that will perform threat remediation automatically. What should you include in the solution? To answer, select the...
What should you configure first?
You need to implement the Azure Information Protection requirements. What should you configure first?A . Device health and compliance reports settings in Microsoft Defender Security Center B. scanner clusters in Azure Information Protection from the Azure portal C. content scan jobs in Azure Information Protection from the Azure portal D....
What should you use to identify whether zero-hour auto purge (ZAP) moved an email message from the mailbox of a user?
You have a Microsoft 365 tenant that uses Microsoft Exchange Online and Microsoft Defender for Office 365. What should you use to identify whether zero-hour auto purge (ZAP) moved an email message from the mailbox of a user?A . the Threat Protection Status report in Microsoft Defender for Office 365...
What are two possible causes of the failures?
You create a custom analytics rule to detect threats in Azure Sentinel. You discover that the rule fails intermittently. What are two possible causes of the failures? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.A . The rule query takes too long...
What should you do?
HOTSPOT You have an Azure subscription that has Azure Defender enabled for all supported resource types. You create an Azure logic app named LA1. You plan to use LA1 to automatically remediate security risks detected in Azure Security Center. You need to test LA1 in Security Center. What should you...
What should you recommend for each threat?
HOTSPOT You need to recommend remediation actions for the Azure Defender alerts for Fabrikam. What should you recommend for each threat? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. View AnswerAnswer:
Which four actions should you perform in sequence?
Topic 2, Litware inc. Case study This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to...
What should you do?
HOTSPOT You have an Azure subscription that has Azure Defender enabled for all supported resource types. You create an Azure logic app named LA1. You plan to use LA1 to automatically remediate security risks detected in Defenders for Cloud. You need to test LA1 in Defender for Cloud. What should...
How should you complete the query?
HOTSPOT You need to create an advanced hunting query to investigate the executive team issue. How should you complete the query? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. View AnswerAnswer:
From Azure Sentinel, you open the Investigation pane for a high-severity incident as shown in the following exhibit
HOTSPOT From Azure Sentinel, you open the Investigation pane for a high-severity incident as shown in the following exhibit. Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point. View AnswerAnswer:...
