ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-900 All Questions

View all questions & answers for the AZ-900 exam
Go to Exam

Exam AZ-900 topic 1 question 230 discussion

Actual exam question from Microsoft's AZ-900
Question #: 230
Topic #: 1
[All AZ-900 Questions]

HOTSPOT -
To complete the sentence, select the appropriate option in the answer area.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
Reference:
https://docs.microsoft.com/en-us/azure/sentinel/tutorial-respond-threats-playbook
by mintyo at Sept. 30, 2021, 6:48 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
mintyo
Highly Voted 3 years, 10 months ago
correct answer 「Playbooks are collections of procedures that can be run from Azure Sentinel in response to an alert or incident. A playbook can help automate and orchestrate your response, and can be set to run automatically when specific alerts or incidents are generated, by being attached to an analytics rule or an automation rule, respectively. It can also be run manually on-demand.」 https://docs.microsoft.com/en-us/azure/sentinel/tutorial-respond-threats-playbook
upvoted 17 times
...
Rcosmos
Most Recent 5 days, 8 hours ago
A resposta correta para a pergunta é: ✅ "automatically respond to threats." 🔧 Explicação: Playbooks no Azure Sentinel são fluxos de trabalho automatizados que usam Azure Logic Apps para responder automaticamente a ameaças. Quando um alerta é gerado, o Sentinel pode acionar um playbook para tomar ações como: Isolar máquinas infectadas 🖥️🔒 Bloquear endereços IP suspeitos 🚫🌐 Notificar a equipe de segurança 📩🔔 Integrar com ferramentas externas como Teams, Email ou outras plataformas SIEM
upvoted 1 times
...
PN60
9 months, 1 week ago
Rememeber the "Security" key word in "SIEM" Sentinel. Security - Threat.
upvoted 1 times
...
PN60
9 months, 1 week ago
remember Security Information and Event Management (SIEM) Sentinel - "Security "
upvoted 1 times
...
zellck
2 years, 6 months ago
Same as question 247. https://www.examtopics.com/discussions/microsoft/view/87281-exam-az-900-topic-1-question-247-discussion
upvoted 1 times
...
zellck
2 years, 6 months ago
"automatically respond to threats" is the answer. https://learn.microsoft.com/en-us/azure/sentinel/automate-responses-with-playbooks#what-is-a-playbook A playbook is a collection of these remediation actions that can be run from Microsoft Sentinel as a routine. A playbook can help automate and orchestrate your threat response; it can be run manually on-demand on entities (in preview - see below) and alerts, or set to run automatically in response to specific alerts or incidents, when triggered by an automation rule. For example, if an account and machine are compromised, a playbook can isolate the machine from the network and block the account by the time the SOC team is notified of the incident.
upvoted 1 times
...
kamal_004
2 years, 9 months ago
Answer: Automatically respond to threats
upvoted 1 times
...
csboy
3 years, 4 months ago
on exam March 30, 2022
upvoted 2 times
...
MS_Learner
3 years, 5 months ago
Got Feb 10, 2022
upvoted 3 times
...
LiamAltaii
3 years, 7 months ago
Answe is correct. Off topic, this was not mentioned in learning path or did i miss it?
upvoted 2 times
...
easygo68
3 years, 8 months ago
Be asked in the 11.11.2021 exam!
upvoted 3 times
...
Vincenzo_Cassano
3 years, 9 months ago
on exam OCT 22, 2021
upvoted 3 times
...
AlaCh
3 years, 9 months ago
Correct
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel