Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: validbest

Discussions
  1. Home
  2. Microsoft
  3. Microsoft Certified: Security Operations Analyst Associate
  4. SC-200
  5. Microsoft Security Operations Analyst Questions and Answers

Pass the Microsoft Certified: Security Operations Analyst Associate SC-200 Questions and answers with ValidTests

Exam SC-200 All Questions
Exam SC-200 Premium Access

View all detail and faqs for the SC-200 exam

Go to Exam
Viewing page 8 out of 12 pages
Viewing questions 71-80 out of questions
Questions # 71:

You need to ensure that the processing of incidents generated by rulequery1 meets the Microsoft Sentinel requirements.

What should you create first?

Options:

A.

a playbook with an incident trigger

B.

a playbook with an entity trigger

C.

an Azure Automation rule

D.

a playbook with an alert trigger

Expert Solution
Questions # 72:

You need to implement the Defender for Cloud requirements.

Which subscription-level role should you assign to Group1?

Options:

A.

Security Admin

B.

Owner

C.

Security Assessment Contributor

D.

Contributor

Expert Solution
Questions # 73:

You need to ensure that the Group1 members can meet the Microsoft Sentinel requirements.

Which role should you assign to Group1?

Options:

A.

Microsoft Sentinel Automation Contributor

B.

Logic App Contributor

C.

Automation Operator

D.

Microsoft Sentinel Playbook Operator

Expert Solution
Questions # 74:

You need to implement the ASIM query for DNS requests. The solution must meet the Microsoft Sentinel requirements. How should you configure the query? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Question # 74

Options:

Expert Solution
Questions # 75:

You need to configure event monitoring for Server1. The solution must meet the Microsoft Sentinel requirements. What should you create first?

Options:

A.

a Microsoft Sentinel automation rule

B.

a Microsoft Sentinel scheduled query rule

C.

a Data Collection Rule (DCR)

D.

an Azure Event Grid topic

Expert Solution
Questions # 76:

You need to implement the Defender for Cloud requirements.

What should you configure for Server2?

Options:

A.

the Microsoft Antimalware extension

B.

an Azure resource lock

C.

an Azure resource tag

D.

the Azure Automanage machine configuration extension for Windows

Expert Solution
Questions # 77:

You need to modify the anomaly detection policy settings to meet the Cloud App Security requirements. Which policy should you modify?

Options:

A.

Activity from suspicious IP addresses

B.

Activity from anonymous IP addresses

C.

Impossible travel

D.

Risky sign-in

Expert Solution
Questions # 78:

You need to implement the Azure Information Protection requirements. What should you configure first?

Options:

A.

Device health and compliance reports settings in Microsoft Defender Security Center

B.

scanner clusters in Azure Information Protection from the Azure portal

C.

content scan jobs in Azure Information Protection from the Azure portal

D.

Advanced features from Settings in Microsoft Defender Security Center

Expert Solution
Questions # 79:

You need to create the test rule to meet the Azure Sentinel requirements. What should you do when you create the rule?

Options:

A.

From Set rule logic, turn off suppression.

B.

From Analytics rule details, configure the tactics.

C.

From Set rule logic, map the entities.

D.

From Analytics rule details, configure the severity.

Expert Solution
Questions # 80:

You need to modify the anomaly detection policy settings to meet the Microsoft Defender for Cloud Apps requirements and resolve the reported problem.

Which policy should you modify?

Options:

A.

Activity from suspicious IP addresses

B.

Risky sign-in

C.

Activity from anonymous IP addresses

D.

Impossible travel

Expert Solution
Viewing page 8 out of 12 pages
Viewing questions 71-80 out of questions