ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-200 All Questions

View all questions & answers for the SC-200 exam
Go to Exam

Exam SC-200 topic 6 question 17 discussion

Actual exam question from Microsoft's SC-200
Question #: 17
Topic #: 6
[All SC-200 Questions]

You have a Microsoft 365 subscription that uses Microsoft Defender XDR and contains a Windows device named Device1.

The timeline of Device1 includes three files named File1.ps1, File2.exe, and File3.dll.

You need to submit files for deep analysis in Microsoft Defender XDR.

Which files can you submit?

  • A. File1.ps1 only
  • B. File2.exe only
  • C. File3.dll only
  • D. File2.exe and File3.dll only
  • E. File1.ps1 and File2.exe only
  • F. File1.ps1, File2.exe, and File3.dll
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by rsanx42 at May 30, 2024, 1:28 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
rsanx42
Highly Voted 1 year, 1 month ago
Selected Answer: D
Correct. Deep analysis currently supports extensive analysis of portable executable (PE) files (including .exe and .dll files). PE files typically have .exe or .dll extensions (executable programs or applications). https://learn.microsoft.com/en-us/defender-endpoint/respond-file-alerts#deep-analysis
upvoted 12 times
talosDevbot
9 months, 2 weeks ago
I agree. I saw this in another question here somewhere regarding the same topic. Remember .sys files is also a type of portable executable file, just in case they change up this question in the exam
upvoted 3 times
...
...
Itsmebigal
Most Recent 7 months, 2 weeks ago
Selected Answer: D
I logged into XDR to check this and grabbed a ps1 file. On the DA tab this is the message it shows Submitting file to deep analysis collects the file from the device or from Microsoft sample store if the file already exists. Collecting the file can take up to 3 hours depending on file and device availability. The collected file is analyzed in a secured environment and a detailed report is created.  File type not supported Deep analysis currently supports analysis of portable executable (PE) files (for example, .exe and .dll files).
upvoted 2 times
...
g_man_rap
10 months, 4 weeks ago
You need to submit files for deep analysis in Microsoft Defender XDR. PowerShell script files can you submit? Sent by Copilot: Yes, you can submit PowerShell script files for deep analysis in Microsoft Defender XDR.
upvoted 1 times
talosDevbot
9 months, 1 week ago
PowerShell script files are not PE files, they're script files and not compiled binaries like PE files Deep analysis currently support Portable Executable (PE) files - .exe, .dll, .sys,
upvoted 2 times
...
...
scfitzp
1 year ago
Selected Answer: D
https://learn.microsoft.com/en-us/defender-endpoint/respond-file-alerts#deep-analysis Note Only PE files are supported, including .exe and .dll files.
upvoted 2 times
...
liveup2it
1 year, 1 month ago
Answer generated by CoPilot: In Microsoft Defender XDR, the following file types can be submitted for deep analysis: • Executable files (.exe, .dll) • Document files (.doc, .docx, .xls, .xlsx, .ppt, .pptx) • PDF files (.pdf) • Script files (.js, .vbs, .ps1) • Archive files (.zip, .rar, .tar, .gz) Please note that the ability to submit a file for deep analysis does not guarantee that meaningful results will be obtained for all file types. The effectiveness of deep analysis can vary depending on the specific characteristics of each file type.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel