Skip to Content

Microsoft Security Operations Analyst SC-200 Exam Questions and Answers – 2

The latest Microsoft Security Operations Analyst SC-200 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Microsoft Security Operations Analyst SC-200 exam and earn Microsoft Security Operations Analyst SC-200 certification.

Microsoft Security Operations Analyst SC-200 Exam Questions and Answers

Question 121

Question

Which rule setting should you configure to meet the Azure Sentinel requirements?

A. From Set rule logic, turn off suppression.
B. From Analytics rule details, configure the tactics.
C. From Set rule logic, map the entities.
D. From Analytics rule details, configure the severity.

Answer

C. From Set rule logic, map the entities.

Reference

Question 122

Question

You deploy Azure Sentinel.
You need to implement connectors in Azure Sentinel to monitor Microsoft Teams and Linux virtual machines in Azure. The solution must minimize administrative effort.
Which data connector type should you use for each workload? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Microsoft Teams:

  • Custom
  • Office 365
  • Security Events
  • Syslog

Linux virtual machines in Azure:

  • Custom
  • Office 365
  • Security Events
  • Syslog

Answer

Microsoft Teams: Office 365

Linux virtual machines in Azure: Syslog

    Ads Blocker Image Powered by Code Help Pro

    Your Support Matters...

    We run an independent site that\'s committed to delivering valuable content, but it comes with its challenges. Many of our readers use ad blockers, causing our advertising revenue to decline. Unlike some websites, we haven\'t implemented paywalls to restrict access. Your support can make a significant difference. If you find this website useful and choose to support us, it would greatly secure our future. We appreciate your help. If you\'re currently using an ad blocker, please consider disabling it for our site. Thank you for your understanding and support.