ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-900 All Questions

View all questions & answers for the SC-900 exam
Go to Exam

Exam SC-900 topic 1 question 71 discussion

Actual exam question from Microsoft's SC-900
Question #: 71
Topic #: 1
[All SC-900 Questions]

Which feature provides the extended detection and response (XDR) capability of Azure Sentinel?

  • A. integration with the Microsoft 365 compliance center
  • B. support for threat hunting
  • C. integration with Microsoft 365 Defender
  • D. support for Azure Monitor Workbooks
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by JayHall at Oct. 28, 2021, 7:38 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
JayHall
Highly Voted 3 years, 6 months ago
Correct The Microsoft 365 Defender connector for Azure Sentinel (preview) sends all Microsoft 365 Defender incidents and alerts information to Azure Sentinel and keeps the incidents synchronized. Once you add the connector, Microsoft 365 Defender incidents—which include all associated alerts, entities, and relevant information received from Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Defender for Office 365, and Microsoft Cloud App Security—are streamed to Azure Sentinel as security information and event management (SIEM) data, providing you with context to perform triage and incident response with Azure Sentinel. Once in Azure Sentinel, incidents remain bi-directionally synchronized with Microsoft 365 Defender, allowing you to take advantage of the benefits of both the Microsoft 365 Defender portal and Azure Sentinel in the Azure portal for incident investigation and response. https://docs.microsoft.com/en-us/microsoft-365/security/defender/microsoft-365-defender-integration-with-azure-sentinel?view=o365-worldwide
upvoted 38 times
...
Contactfornitish
Highly Voted 3 years, 2 months ago
Appeared in exam on 12/02/2022
upvoted 8 times
...
LegendaryZA
Most Recent 6 months, 4 weeks ago
The answer is: integration with Microsoft 365 Defender. https://learn.microsoft.com/en-us/defender-xdr/microsoft-365-defender-integration-with-azure-sentinel
upvoted 1 times
...
RahulX
1 year, 8 months ago
C. integration with Microsoft 365 Defender.
upvoted 1 times
...
zellck
2 years ago
Selected Answer: C
C is the answer. https://learn.microsoft.com/en-us/security/operations/siem-xdr-overview Microsoft 365 Defender is an XDR solution that automatically collects, correlates, and analyzes signal, threat, and alert data from across your Microsoft 365 environment. Microsoft Sentinel is a cloud-native solution that provides security information and event management (SIEM) and security orchestration, automation, and response (SOAR) capabilities. Together, Microsoft Sentinel and Microsoft 365 Defender provide a comprehensive solution to help organizations defend against modern attacks.
upvoted 2 times
...
2cent2
2 years, 3 months ago
Selected Answer: C
Microsoft Sentinel is a cloud-native SIEM tool; Microsoft 365 Defender provides XDR capabilities for end-user environments (email, documents, identity, apps, and endpoint); and Microsoft Defender for Cloud provides XDR capabilities for infrastructure and multi-cloud platforms including virtual machines, databases, containers, and IoT.
upvoted 7 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago