Exam SC-200 topic 5 question 22 discussion

Actual exam question from Microsoft's SC-200
Question #: 22
Topic #: 5

HOTSPOT

You have a Microsoft 365 E5 subscription that contains Windows 11 and Linux CentOS devices.

In Microsoft Defender XDR, Deception is set to On.

You plan to create a deception rule that will use a custom lure.

You need to specify the type of file, and the planting path for the custom lure.

What should you specify? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Suggested Answer:

Comments

Adel614
1 month, 3 weeks ago
1. BIN 2. {HOME} For the file type in option 1, BIN would be the most suitable choice for CentOS devices. BIN files are compatible with Linux and Windows systems and can act as executable binaries, making them effective as lures in a deception rule. LNK and EXE are primarily Windows-specific formats and would not work well in a Linux environment like CentOS. Correct answer for option 2, correct answer: {HOME}.
upvoted 1 times
rkrau
2 months ago
Well, ChatGPT goes with LNK and {HOME}, while EXE and BIN are not supported file types for custom lures at this time. About EXE, we could see it in the link below, also that the custom lures should be documents, config files and link files.
upvoted 1 times
3746356
2 months, 2 weeks ago
Correct. https://learn.microsoft.com/en-us/defender-xdr/configure-deception
upvoted 1 times