The latest practice exam question and answer (Q&A) dumps for the Microsoft Security Operations Analyst SC-200 certification are available free. They can help you pass the Microsoft Security Operations Analyst SC-200 exam and earn the Microsoft Security Operations Analyst SC-200 certification.
Question 121
Question
Which rule setting should you configure to meet the Azure Sentinel requirements?
A. From Set rule logic, turn off suppression.
B. From Analytics rule details, configure the tactics.
C. From Set rule logic, map the entities.
D. From Analytics rule details, configure the severity.
Answer
C. From Set rule logic, map the entities.
Reference
- Microsoft Docs > Azure > Security > Microsoft Sentinel > Create custom analytics rules to detect threats
Question 122
Question
You deploy Azure Sentinel.
You need to implement connectors in Azure Sentinel to monitor Microsoft Teams and Linux virtual machines in Azure. The solution must minimize administrative effort.
Which data connector type should you use for each workload? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Microsoft Teams:
- Custom
- Office 365
- Security Events
- Syslog
Linux virtual machines in Azure:
- Custom
- Office 365
- Security Events
- Syslog
Answer
Microsoft Teams: Office 365
Linux virtual machines in Azure: Syslog