What should you do?

You have a Microsoft 365 subscription that uses Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).

All the devices in your organization are onboarded to Microsoft Defender ATP.

You need to ensure that an alert is generated if malicious activity was detected on a device during the last 24 hours.

What should you do?
A . From Alerts queue, create a suppression rule and assign an alert
B . From the Security & Compliance admin center, create an audit log search
C . From Advanced hunting, create a query and a detection rule
D . From the Security & Compliance admin center, create a data loss prevention (DLP) policy

Answer: C

Explanation:

Reference: https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/custom-detectionrules

Latest MS-101 Dumps Valid Version with 268 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments