Summer Special Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 8w52ceb345

You have an Azure subscription named Sub1 and a Microsoft 365 subscription.

Microsoft SC-200 Full Course Access
Microsoft SC-200 View All Questions

You have an Azure subscription named Sub1 and a Microsoft 365 subscription. Sub1 is linked to an Azure Active Directory (Azure AD) tenant named contoso.com.

You create an Azure Sentinel workspace named workspace1. In workspace1, you activate an Azure AD connector for contoso.com and an Office 365 connector for the Microsoft 365 subscription.

You need to use the Fusion rule to detect multi-staged attacks that include suspicious sign-ins to contoso.com followed by anomalous Microsoft Office 365 activity.

Which two actions should you perform? Each correct answer present part of the solution

NOTE: Each correct selection is worth one point.

A.

Create custom rule based on the Office 365 connector templates.

B.

Create a Microsoft incident creation rule based on Microsoft Defender for Cloud.

C.

Create a Microsoft Cloud App Security connector.

D.

Create an Azure AD Identity Protection connector.

SC-200 PDF/Engine
  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions
buy now SC-200 pdf
Get 60% Discount on All Products, Use Coupon: "8w52ceb345"
Next
You need to implement the scheduled rule for incident generation based on rulequery1.
You have a custom analytics rule to detect threats in Azure Sentinel.
Previous