Exam MS-102 topic 1 question 78 discussion

No - High severity Alert. No - Doesn't have 'Device' in name Yes - Has OS name Andriod and Tag contains 'Inventory

1. NO: You need to assign multiple alert severity. Checked this in test lab. 2. NO: Not member of Group1 and Group 2. 3. YES: Member of group 2 and low-severity alert. Answers are correct.

Based on the description of the incident email notification rule and the statements provided in the image: 1- If a high-severity incident is triggered for Device1, an incident email notification will be sent: The answer is Yes, as high-severity incidents are likely covered in the notification rule. 2- If a low-severity incident is triggered for Computer1, an incident notification email will be sent: The answer is No, since low-severity incidents are typically excluded in such rules unless specifically stated. 3- If a low-severity incident is triggered for Device3, an incident notification email will be sent: The answer is No, based on the assumption that only higher-severity incidents are included in the rule. _____________________________________________________________

You can create an alert only for "Low" (to Reduce Alert Fatigue) alerts..so will be NNY

Yes - If you set a incident notification rule to "low," you will receive notifications for all incidents classified as low, medium, and high severity. No Yes

Tricky question. In this case you need to select high, medium, low or informational seperatetly. https://learn.microsoft.com/en-us/defender-xdr/configure-email-notifications. Answer based on this is correct.

Yes - the severity is set to low, so it will be any alerts from low, medium, high No Yes

It catches low and above incidents, not specifically low incidents, so it will catch the high severity alert. Yes No Yes

Correct

correct answer