QUESTION 21

- (Exam Topic 2)
You need to configure the Azure Sentinel integration to meet the Azure Sentinel requirements. What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
SC-200 dumps exhibit
Solution:
Reference:
https://docs.microsoft.com/en-us/cloud-app-security/siem-sentinel

Does this meet the goal?

Correct Answer: A

QUESTION 22

- (Exam Topic 3)
You are informed of an increase in malicious email being received by users.
You need to create an advanced hunting query in Microsoft 365 Defender to identify whether the accounts of the email recipients were compromised. The query must return the most recent 20 sign-ins performed by the recipients within an hour of receiving the known malicious email.
How should you complete the query? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
SC-200 dumps exhibit
Solution:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-query-emails-devices?view

Does this meet the goal?

Correct Answer: A

QUESTION 23

- (Exam Topic 2)
You need to assign a role-based access control (RBAC) role to admin1 to meet the Azure Sentinel requirements and the business requirements.
Which role should you assign?

Correct Answer: C
Reference:
https://docs.microsoft.com/en-us/azure/sentinel/roles

QUESTION 24

- (Exam Topic 3)
From Azure Sentinel, you open the Investigation pane for a high-severity incident as shown in the following exhibit.
SC-200 dumps exhibit
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
SC-200 dumps exhibit
Solution:
Reference:
https://docs.microsoft.com/en-us/azure/sentinel/tutorial-investigate-cases#use-the-investigation-graph-to-deep-d

Does this meet the goal?

Correct Answer: A

QUESTION 25

- (Exam Topic 2)
You need to implement Azure Defender to meet the Azure Defender requirements and the business requirements.
What should you include in the solution? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
SC-200 dumps exhibit
Solution:

Does this meet the goal?

Correct Answer: A