ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-101 All Questions

View all questions & answers for the MS-101 exam
Go to Exam

Exam MS-101 topic 2 question 46 discussion

Actual exam question from Microsoft's MS-101
Question #: 46
Topic #: 2
[All MS-101 Questions]

Your company has digitally signed applications.
You need to ensure that Microsoft Defender for Endpoint considers the digitally signed applications safe and never analyzes them.
What should you create in the Microsoft Defender Security Center?

  • A. a custom detection rule
  • B. an allowed/blocked list rule
  • C. an alert suppression rule
  • D. an indicator
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
Reference:
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/manage-indicators
by Goena at Dec. 16, 2021, 2:36 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Goena
Highly Voted 3 years, 6 months ago
Correct answer D: Create indicators that define detection prevention and exclusion of entities and define an action to be taken and duration for when to apply the action.
upvoted 10 times
RenegadeOrange
2 years, 9 months ago
Agreed
upvoted 5 times
...
...
Sucxi
Most Recent 2 years, 1 month ago
Selected Answer: D
These indicators are kinda confusing. You can create a Indicator for a certificate. https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/indicator-certificates?view=o365-worldwide
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel