Exam SC-200 topic 2 question 48 discussion

Actual exam question from Microsoft's SC-200
Question #: 48
Topic #: 2

You have an Azure subscription that contains a virtual machine named VM1 and uses Microsoft Defender for Cloud.

Microsoft Defender for Cloud has automatic provisioning configured to use Azure Monitor Agent.

You need to create a custom alert suppression rule that will suppress false positive alerts for suspicious use of PowerShell on VM1.

What should you do first?

  • A. From Microsoft Defender for Cloud, export the alerts to a Log Analytics workspace.
  • B. From Microsoft Defender for Cloud, add a workflow automation.
  • C. On VM1, trigger a PowerShell alert.
  • D. On VM1, run the Get-MPThreatCatalog cmdlet.
Suggested Answer: C 🗳️

Comments

peponokefalos
Highly Voted 1 year, 1 month ago
Correct answer is C. In order to deploy a suppression rule, you must first trigger an alert.
upvoted 8 times
...
Gurulee
Most Recent 11 months, 1 week ago
C. Alert types that were never triggered on a subscription or management group before the rule was created won't be suppressed. https://learn.microsoft.com/en-us/azure/defender-for-cloud/alerts-suppression-rules#create-a-suppression-rule
upvoted 1 times
...
chepeerick
1 year, 1 month ago
Correct C
upvoted 1 times
...
[Removed]
1 year, 4 months ago
Selected Answer: C
Answer is C. You must trigger the alert before deploying a suppression rule.
upvoted 4 times
...
GeoPoi
1 year, 7 months ago
The answer is C, repeated question.
upvoted 3 times
...