This page was exported from IT Certification Exam Braindumps [ http://blog.braindumpsit.com ]
Export date: Fri Apr 11 6:55:14 2025 / +0000 GMT

Title: [Q52-Q70] Use the best ways of preparing for SC-200 Exam Dumps with BraindumpsIT Microsoft SC-200 PDF Dumps [2025]

Microsoft SC-200 exam candidates will surely pass the Exam if they consider the SC-200 dumps learning material presented by BraindumpsIT.

QUESTION 52
You receive a security bulletin about a potential attack that uses an image file.
You need to create an indicator of compromise (IoC) in Microsoft Defender for Endpoint to prevent the attack.
Which indicator type should you use?
A. a URL/domain indicator that has Action set to Alert only
B. a URL/domain indicator that has Action set to Alert and block
C. a file hash indicator that has Action set to Alert and block
D. a certificate indicator that has Action set to Alert and block

Explanation/Reference:
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/indicator-file?view=o365-worldwide

QUESTION 53
You use Azure Sentinel.
You need to receive an immediate alert whenever Azure Storage account keys are enumerated.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Create a livestream.
B. Add a data connector.
C. Create an analytics rule.
D. Create a hunting query.
E. Create a bookmark.

B: To add a data connector, you would use the Azure Sentinel data connectors feature to connect to your Azure subscription and to configure log data collection for Azure Storage account key enumeration events.
C: After adding the data connector, you need to create an analytics rule to analyze the log data from the Azure Storage connector, looking for the specific event of Azure Storage account key enumeration. This rule will trigger an alert when it detects the specific event, allowing you to take immediate action.

QUESTION 54
You have a Microsoft Sentinel workspace that contains a custom workbook named Workbook1.
You need to create a visual based on the SecurityEvent table. The solution must meet the following requirements:
* Identify the number of security events ingested during the past week.
* Display the count of events by day in a timechart.
What should you add to Workbook1?
A. a query
B. a metric
C. a group
D. links or tabs

QUESTION 55
You have 50 on-premises servers.
You have an Azure subscription that uses Microsoft Defender for Cloud. The Defender for Cloud deployment has Microsoft Defender for Servers and automatic provisioning enabled.
You need to configure Defender for Cloud to support the on-premises servers. The solution must meet the following requirements:
* Provide threat and vulnerability management.
* Support data collection rules.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

1 – On the on-premises servers, install the Azure Connected Machine agent.
2 – On the on-premises servers, install the Log Analytics agent.
3 – From the Data controller settings in the Azure portal, create an Azure Arc data controller.

QUESTION 56
You need to implement the ASIM query for DNS requests. The solution must meet the Microsoft Sentinel requirements.
How should you configure the query? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

QUESTION 57
You have a Microsoft 365 tenant that uses Microsoft Exchange Online and Microsoft Defender for Office 365.
What should you use to identify whether zero-hour auto purge (ZAP) moved an email message from the mailbox of a user?
A. the Threat Protection Status report in Microsoft Defender for Office 365
B. the mailbox audit log in Exchange
C. the Safe Attachments file types report in Microsoft Defender for Office 365
D. the mail flow report in Exchange

To determine if ZAP moved your message, you can use either the Threat Protection Status report or Threat Explorer (and real-time detections).
Reference:
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/zero-hour-auto-purge?view=o365-w

QUESTION 58
You need to implement Azure Defender to meet the Azure Defender requirements and the business requirements.
What should you include in the solution? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

QUESTION 59
You have an Azure subscription that uses Microsoft Defender for Cloud.
You need to create a workflow that will send a Microsoft Teams message to the IT department of your company when a new Microsoft Secure Score action is generated.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

1 – Configure a trigger condition.
2 – Create an Azure logic app that includes the Defender for Cloud alert trigger.
3 – Create an Azure logic app that includes a Defender for Cloud recommendation trigger.

QUESTION 60
Your company has an on-premises network that uses Microsoft Defender for Identity.
The Microsoft Secure Score for the company includes a security assessment associated with unsecure Kerberos delegation.
You need to remediate the security risk.
What should you do?
A. Install the Local Administrator Password Solution (LAPS) extension on the computers listed as exposed entities.
B. Disable legacy protocols on the computers listed as exposed entities.
C. Enforce LDAP signing on the computers listed as exposed entities.
D. Modify the properties of the computer objects listed as exposed entities.

To remediate the security risk associated with unsecure Kerberos delegation, you should modify the properties of the computer objects listed as exposed entities. Specifically, you should set the Kerberos delegation settings to either ‘Trust this computer for delegation to any service’ or ‘Trust this computer for delegation to specified services only’. This will ensure that the computer is not allowed to use Kerberos delegation to access other computers on the network.
Reference:
https://docs.microsoft.com/en-us/windows/security/identity-protection/microsoft-defender-for-identity/configure-kerberos-delegation

QUESTION 61
You need to create a query to investigate DNS-related activity. The solution must meet the Microsoft Sentinel requirements.
How should you complete the query? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

QUESTION 62
You have an Azure subscription named Sub1 and an Azure DevOps organization named AzDO1. AzDO1 uses Defender for Cloud and contains a project that has a YAML pipeline named Pipeline1.
Pipeline1 outputs the details of discovered open source software vulnerabilities to Defender for Cloud.
You need to configure Pipeline1 to output the results of secret scanning to Defender for Cloud.
What should you add to Pipeline1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

QUESTION 63
You create a new Azure subscription and start collecting logs for Azure Monitor.
You need to configure Azure Security Center to detect possible threats related to sign-ins from suspicious IP addresses to Azure virtual machines.
The solution must validate the configuration.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Reference:
https://docs.microsoft.com/en-us/azure/security-center/security-center-alert-validation

QUESTION 64
You have an Azure subscription that uses Microsoft Defender XDR.
From the Microsoft Defender portal, you perform an audit search and export the results as a file named File1.csv that contains 10,000 rows.
You use Microsoft Excel to perform Get & Transform Data operations to parse the AuditData column from File1.csv. The operations fail to generate columns for specific JSON properties.
You need to ensure that Excel generates columns for the specific JSON properties in the audit search results.
Solution: From Excel, you apply filters to the existing columns in File1.csv to reduce the number of rows, and then you perform the Get & Transform Data operations to parse the AuditData column.
Does this meet the requirement?
A. Yes
B. No

QUESTION 65
You need to assign role-based access control (RBAC) roles to Group1 and Group2 to meet the Microsoft Defender for Cloud requirements and the business requirements.
Which role should you assign to each group? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

QUESTION 66
You open the Cloud App Security portal as shown in the following exhibit.
You need to remediate the risk for the Launchpad app.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Reference:
https://docs.microsoft.com/en-us/cloud-app-security/governance-discovery

QUESTION 67
You have an Azure subscription that has Azure Defender enabled for all supported resource types.
You create an Azure logic app named LA1.
You plan to use LA1 to automatically remediate security risks detected in Defender for Cloud.
You need to test LA1 in Defender for Cloud.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

QUESTION 68
You have four Azure subscriptions. One of the subscriptions contains a Microsoft Sentinel workspace.
You need to deploy Microsoft Sentinel data connectors to collect data from the subscriptions by using Azure Policy. The solution must ensure that the policy will apply to new and existing resources in the subscriptions.
Which type of connectors should you provision, and what should you use to ensure that all the resources are monitored? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

QUESTION 69
You need to implement Microsoft Defender for Cloud to meet the Microsoft Defender for Cloud requirements and the business requirements.
What should you include in the solution? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

QUESTION 70
You have an Azure subscription that contains a user named User1 and a Microsoft Sentinel workspace named WS1. WS1 uses Microsoft Defender for Cloud.
You have the Microsoft security analytics rules shown in the following table.
User1 performs an action that matches Rule1, Rule2, Rule3, and Rule4.
How many incidents will be created in WS1?
A. 1
B. 2
C. 3
D. 4

Post date: 2025-01-22 14:29:50
Post date GMT: 2025-01-22 14:29:50
Post modified date: 2025-01-22 14:29:50
Post modified date GMT: 2025-01-22 14:29:50