Which three actions should you perform in sequence in Security Center?

DRAG DROP You have an Azure Functions app that generates thousands of alerts in Azure Security Center each day for normal activity. You need to hide the alerts automatically in Security Center. Which three actions should you perform in sequence in Security Center? Each correct answer presents part of the...

March 5, 2023

The issue for which team can be resolved by using Microsoft Defender for Endpoint?

The issue for which team can be resolved by using Microsoft Defender for Endpoint?
A. executive
B. sales
C. marketing

Answer: B

Explanation:
Reference: https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-ios

March 5, 2023

What should you include in the solution?

HOTSPOT You need to implement Azure Sentinel queries for Contoso and Fabrikam to meet the technical requirements. What should you include in the solution? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

March 5, 2023

Does this meet the goal?

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you...

March 5, 2023

Which three actions should you perform in sequence in the Azure portal?

DRAG DROP You have a Microsoft Sentinel workspace named workspace1 and an Azure virtual machine named VM1. You receive an alert for suspicious use of PowerShell on VM1. You need to investigate the incident, identify which event triggered the alert, and identify whether the following actions occurred on VM1 after...

March 4, 2023

What should you do first?

You have an Azure Sentinel deployment in the East US Azure region. You create a Log Analytics workspace named LogsWest in the West US Azure region. You need to ensure that you can use scheduled analytics rules in the existing Azure Sentinel deployment to generate alerts based on queries to...

March 4, 2023

Which two configurations should you modify?

You need to restrict cloud apps running on CLIENT1 to meet the Microsoft Defender for Endpoint requirements. Which two configurations should you modify? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. the Onboarding settings from Device management in Microsoft Defender Security...

March 4, 2023

To which service should you export the alerts?

You have an Azure subscription that has Azure Defender enabled for all supported resource types. You need to configure the continuous export of high-severity alerts to enable their retrieval from a third-party security information and event management (SIEM) solution. To which service should you export the alerts?
A. Azure Cosmos...

March 4, 2023

What is a possible cause of the issue?

You have a custom analytics rule to detect threats in Azure Sentinel. You discover that the analytics rule stopped running. The rule was disabled, and the rule name has a prefix of AUTO DISABLED. What is a possible cause of the issue?
A. There are connectivity issues between the data...

March 4, 2023

What should you include in the recommendation?

You need to recommend a solution to meet the technical requirements for the Azure virtual machines. What should you include in the recommendation?
A. just-in-time (JIT) access
B. Azure Defender
C. Azure Firewall
D. Azure Application Gateway

Answer: B

Explanation:
Reference: https://docs.microsoft.com/en-us/azure/security-center/azure-defender

March 3, 2023