Exam SC-200 topic 3 question 19 discussion

Actual exam question from Microsoft's SC-200

Question #: 19
Topic #: 3

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are configuring Azure Sentinel.
You need to create an incident in Azure Sentinel when a sign-in to an Azure virtual machine from a malicious IP address is detected.
Solution: You create a hunting bookmark.
Does this meet the goal?

A. Yes
B. No

Show Suggested Answer

Suggested Answer: B 🗳️

by Eltooth at Oct. 5, 2021, 6:48 a.m.

Comments

Submit Cancel

a_kto_to

3 weeks, 2 days ago

Selected Answer: B

ChatGTP: NO, scheduled KQL query ✅ Correct approach: Create a Scheduled Analytics Rule in Sentinel using KQL.

upvoted 1 times

...

chepeerick

6 months, 1 week ago

Correct

upvoted 1 times

...

[Removed]

1 year, 2 months ago

Selected Answer: B

you need to create a custom analytics rule in Azure Sentinel that detects sign-ins from malicious IP addresses and triggers an incident.

upvoted 1 times

...

Metasploit

1 year, 6 months ago

Selected Answer: B

B. NO. Hunting Bookmarks: https://learn.microsoft.com/en-us/azure/sentinel/bookmarks

upvoted 1 times

...

Eltooth

2 years, 7 months ago

Correct - No.

upvoted 1 times

...

Exam SC-200 All Questions

View all questions & answers for the SC-200 exam

Exam SC-200 topic 3 question 19 discussion

Comments

a_kto_to

chepeerick

[Removed]

Metasploit

Eltooth

SY0-701