You need to modify the anomaly detection policy settings to meet the Cloud App Security requirements and resolve the reported problem. Which policy should you modify?
Agree - C. Users connecting to two geographically separate locations at the same time would trigger the impossible travel alert, however as these are legitimate then this setting needs to be altered to include both network addresses.
It's also because it's the only one that matches the anomaly detecetion list for defender for cloud :D I hesitated a bit with Risky Sign-ins which is kind a close to Risky IP, but nah, the answer is B.
The "Impossible travel" policy is designed to detect sign-ins where the travel time between two locations is deemed impossible by Azure AD. This policy helps to prevent unauthorized access to resources, and can be adjusted to meet the needs of the organization. By modifying this policy to account for simultaneous connections to both offices, you can reduce the frequency of false positive alerts while still maintaining a high level of security.
Therefore, the correct answer is C. Impossible travel.
Two distinct sign-in events will be captured with same time generated flag for the same user. So it appears to be Atypical travel / impossible Travel use case.
Based on the reported problem and the Cloud App Security requirements, the policy that needs to be modified is "Activity from anonymous IP addresses". This policy detects anomalous access to cloud apps from IP addresses that are not associated with the user's location. Since remote users of Litware connect to the network using VPNs from different locations, Cloud App Security may generate false positive alerts when users connect to both offices simultaneously. Modifying the "Activity from anonymous IP addresses" policy can help resolve this issue by excluding VPN IP addresses from being flagged as anonymous. Therefore, the correct answer is option B.
Correct.
Requirement: Cloud App Security must identify whether a user connection is anomalous based on tenant-level data.
Resolve the requirement: In the Impossible Travel policy, you can set the sensitivity slider to determine the level of anomalous behavior needed before an alert is triggered
https://docs.microsoft.com/en-us/cloud-app-security/anomaly-detection-policy#tune-anomaly-detection-policies
upvoted 4 times
...
This section is not available anymore. Please use the main Exam Page.SC-200 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Eltooth
Highly Voted 3 years, 7 months agoTuitor01
4 months, 4 weeks agoTuitor01
4 months, 4 weeks agoDiscuss4certi
3 years, 6 months agomolariosso
2 years, 10 months agoMurtuza
Most Recent 1 year, 4 months agochepeerick
1 year, 6 months agojamclash
1 year, 7 months agobillo79152718
1 year, 9 months ago[Removed]
2 years, 1 month agogyaansastra
2 years, 1 month ago[Removed]
2 years, 2 months agowsrudmen
2 years, 2 months agoWalaakb
2 years, 1 month agoevilprime
2 years, 1 month agoEfficia
3 years, 5 months ago