Which two actions should you perform?

Your company stores the data for every project in a different Azure subscription. All the subscriptions use the same Azure Active Directory (Azure AD) tenant. Every project consists of multiple Azure virtual machines that run Windows Server. The Windows events of the virtual machines are stored in a Log Analytics...

March 28, 2024

Which two actions should you perform in Azure Sentinel?

You are configuring Azure Sentinel. You need to send a Microsoft Teams message to a channel whenever a sign-in from a suspicious IP address is detected. Which two actions should you perform in Azure Sentinel? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one...

March 27, 2024

The issue for which team can be resolved by using Microsoft Defender for Endpoint?

Topic 1, Contoso Ltd Case study This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to...

March 27, 2024

Which indicator type should you use?

You receive a security bulletin about a potential attack that uses an image file. You need to create an indicator of compromise (IoC) in Microsoft Defender for Endpoint to prevent the attack. Which indicator type should you use?
A. a URL/domain indicator that has Action set to Alert only
B. ...

March 27, 2024

What should you configure for Server2?

You need to implement the Defender for Cloud requirements. What should you configure for Server2?
A. the Microsoft Antimalware extension
B. an Azure resource lock
C. an Azure resource tag
D. the Azure Automanage machine configuration extension for Windows
Answer: D

March 27, 2024

Which rule setting should you configure to meet the Microsoft Sentinel requirements?

Which rule setting should you configure to meet the Microsoft Sentinel requirements?
A. From Set rule logic, turn off suppression.
B. From Analytic rule details, configure the tactics.
C. From Set rule logic, map the entities.
D. From Analytic rule details, configure the severity.
Answer: C

March 26, 2024

What should you include in the query?

You plan to create a custom Azure Sentinel query that will provide a visual representation of the security alerts generated by Azure Security Center. You need to create a query that will be used to display a bar graph. What should you include in the query?
A. extend
B. bin
C...

March 26, 2024

Which two configurations should you modify?

You need to restrict cloud apps running on CLIENT1 to meet the Microsoft Defender for Endpoint requirements. Which two configurations should you modify? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. the Cloud Discovery settings in Microsoft Defender for Cloud Apps
B...

March 26, 2024

What is a possible cause of the issue?

You have a custom analytics rule to detect threats in Azure Sentinel. You discover that the analytics rule stopped running. The rule was disabled, and the rule name has a prefix of AUTO DISABLED. What is a possible cause of the issue?
A. There are connectivity issues between the data...

March 26, 2024

The issue for which team can be resolved by using Microsoft Defender for Office 365?

The issue for which team can be resolved by using Microsoft Defender for Office 365?
A. executive
B. marketing
C. security
D. sales
Answer: B
Explanation:
Reference: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/atp-for-spo-odb-and-teams?view=o365-worldwide

March 26, 2024