ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-200 All Questions

View all questions & answers for the SC-200 exam
Go to Exam

Exam SC-200 topic 1 question 61 discussion

Actual exam question from Microsoft's SC-200
Question #: 61
Topic #: 1
[All SC-200 Questions]

You have a Microsoft 365 subscription that uses Microsoft Defender XDR.

You discover that when Microsoft Defender for Endpoint generates alerts for a commonly used executable file, it causes alert fatigue.

You need to tune the alerts.

Which two actions can an alert tuning rule perform for the alerts? Each correct answer presents a complete solution.

NOTE: Each correct selection is worth one point.

  • A. delete
  • B. hide
  • C. resolve
  • D. merge
  • E. assign
Show Suggested Answer Hide Answer
Suggested Answer: BC 🗳️
by tryade at Dec. 27, 2024, 10:32 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
landfils
5 months, 2 weeks ago
Selected Answer: BC
B and C Hide : This action allows you to hide alerts generated by the specified executable file, reducing the noise and alert fatigue. These hidden alerts will not appear in the incident queue but will still be logged for historical purposes. Resolve : This action automatically resolves alerts generated by the specified executable file. The alerts are marked as resolved, indicating that no further action is required. This helps in managing alert fatigue by automatically handling known benign alerts.
upvoted 3 times
...
RoombaDoinZoomba
5 months, 2 weeks ago
Selected Answer: BC
Incorrect: https://learn.microsoft.com/en-us/defender-xdr/investigate-alerts?tabs=settings Alert tuning can only hide and resolve alerts to assist, it cannot merge alerts.
upvoted 1 times
...
tryade
5 months, 3 weeks ago
Selected Answer: BC
Incorrect, B and C https://techcommunity.microsoft.com/blog/microsoftthreatprotectionblog/boost-your-detection-and-response-workflows-with-alert-tuning/3824712
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel