ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-200 All Questions

View all questions & answers for the SC-200 exam
Go to Exam

Exam SC-200 topic 5 question 23 discussion

Actual exam question from Microsoft's SC-200
Question #: 23
Topic #: 5
[All SC-200 Questions]

You have a Microsoft 365 E5 subscription.

You need to ensure that an alert is generated in Microsoft Defender XDR when attackers attempt to connect to a specific device. The solution must minimize administrative effort.

What should you do in the Microsoft Defender portal?

  • A. Create a deception rule that includes a decoy.
  • B. Tag an existing device as a honeytoken entity.
  • C. Create a deception rule that includes a lure.
  • D. Tag an existing device as a sensitive entity.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Tamataya at March 1, 2025, 11:30 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
a_kto_to
4 months, 3 weeks ago
Selected Answer: B
Chat: ✅ Correct Answer: B. Tag an existing device as a honeytoken entity. 🔎 Explanation: A honeytoken entity in Microsoft Defender XDR is a decoy device (or account) used to detect unauthorized access attempts. When an attacker attempts to interact with the honeytoken, it generates an alert without interfering with real business operations.
upvoted 3 times
...
Tamataya
5 months, 3 weeks ago
Selected Answer: B
ChatGPT says B
upvoted 3 times
a_kto_to
5 months, 1 week ago
For me said C xD
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel