ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-102 All Questions

View all questions & answers for the MS-102 exam
Go to Exam

Exam MS-102 topic 1 question 78 discussion

Actual exam question from Microsoft's MS-102
Question #: 78
Topic #: 1
[All MS-102 Questions]

HOTSPOT -
You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Endpoint and contains the devices shown in the following table.

Defender for Endpoint has the device groups shown in the following table.

You create an incident email notification rule configured as shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by Greatone1 at Aug. 22, 2023, 6:47 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Greatone1
Highly Voted 1 year, 10 months ago
No - High severity Alert. No - Doesn't have 'Device' in name Yes - Has OS name Andriod and Tag contains 'Inventory
upvoted 21 times
...
MR_Eliot
Highly Voted 9 months ago
1. NO: You need to assign multiple alert severity. Checked this in test lab. 2. NO: Not member of Group1 and Group 2. 3. YES: Member of group 2 and low-severity alert. Answers are correct.
upvoted 7 times
Besxp
7 months ago
Agree!
upvoted 2 times
...
...
EubertT
Most Recent 2 months, 2 weeks ago
Based on the description of the incident email notification rule and the statements provided in the image: 1- If a high-severity incident is triggered for Device1, an incident email notification will be sent: The answer is Yes, as high-severity incidents are likely covered in the notification rule. 2- If a low-severity incident is triggered for Computer1, an incident notification email will be sent: The answer is No, since low-severity incidents are typically excluded in such rules unless specifically stated. 3- If a low-severity incident is triggered for Device3, an incident notification email will be sent: The answer is No, based on the assumption that only higher-severity incidents are included in the rule. _____________________________________________________________
upvoted 3 times
...
665d390
9 months, 1 week ago
You can create an alert only for "Low" (to Reduce Alert Fatigue) alerts..so will be NNY
upvoted 1 times
...
abill
9 months, 4 weeks ago
Yes - If you set a incident notification rule to "low," you will receive notifications for all incidents classified as low, medium, and high severity. No Yes
upvoted 1 times
...
spatrick
1 year, 1 month ago
Tricky question. In this case you need to select high, medium, low or informational seperatetly. https://learn.microsoft.com/en-us/defender-xdr/configure-email-notifications. Answer based on this is correct.
upvoted 1 times
...
Motanel
1 year, 2 months ago
Yes - the severity is set to low, so it will be any alerts from low, medium, high No Yes
upvoted 7 times
Krayzr
5 months, 2 weeks ago
NOT true. This is because the notification rule works as a filter, only triggering notifications for incidents that meet the specified criteria. In this case, the criterion is "low" severity. https://learn.microsoft.com/en-us/defender-xdr/m365d-notifications-incidents
upvoted 1 times
...
...
OwerGame
1 year, 2 months ago
It catches low and above incidents, not specifically low incidents, so it will catch the high severity alert. Yes No Yes
upvoted 3 times
...
amurp35
1 year, 9 months ago
Correct
upvoted 3 times
...
nsotis28
1 year, 10 months ago
correct answer
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel