ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-200 All Questions

View all questions & answers for the SC-200 exam
Go to Exam

Exam SC-200 topic 2 question 24 discussion

Actual exam question from Microsoft's SC-200
Question #: 24
Topic #: 2
[All SC-200 Questions]

DRAG DROP -
You have an Azure Functions app that generates thousands of alerts in Azure Security Center each day for normal activity.
You need to hide the alerts automatically in Security Center.
Which three actions should you perform in sequence in Security Center? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
Select and Place:

Show Suggested Answer Hide Answer
Suggested Answer:
Reference:
https://techcommunity.microsoft.com/t5/azure-security-center/suppression-rules-for-azure-security-center-alerts-are-now/ba-p/1404920
by Lion007 at June 26, 2022, 9:51 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Haha0010
Highly Voted 2 years, 7 months ago
In exam today (16 jan 2023)
upvoted 16 times
Tuitor01
8 months, 1 week ago
Today it would be done via the alert in the 'security center' page, lick on the alert, take action; choose suppress similar alerts then create suppression rules: https://learn.microsoft.com/en-us/azure/defender-for-cloud/alerts-suppression-rules
upvoted 5 times
...
...
ACSC
Highly Voted 2 years, 9 months ago
Answer is correct. https://learn.microsoft.com/en-us/azure/defender-for-cloud/alerts-suppression-rules#create-a-suppression-rule
upvoted 11 times
...
Baz10
Most Recent 1 year, 5 months ago
Outdated, thats why I got it wrong (it'll help me sleep at night)
upvoted 4 times
Henk1982
10 months, 2 weeks ago
hahahaaa luv it
upvoted 2 times
...
...
Ramye
1 year, 6 months ago
Note: Azure Security Center is now Microsoft Defender for Cloud
upvoted 3 times
...
chepeerick
1 year, 9 months ago
Correct Ans
upvoted 1 times
...
trashbox
1 year, 11 months ago
The answers are correct. "Select security alerts" -> "Suppression rule and create new suppression rule." In this case, "Entity type: Azure Resource" is optimal because of Azure Functions apps. https://learn.microsoft.com/en-us/azure/defender-for-cloud/alerts-suppression-rules#create-a-suppression-rule
upvoted 2 times
...
mimguy
2 years, 1 month ago
On the exam July 7 2023
upvoted 2 times
...
amsioso
2 years, 11 months ago
Understand that "select security alerts" means "go to security alerts page". "Select Suppression rules"= "select the suppression rules link at the top of the page" https://docs.microsoft.com/en-us/azure/defender-for-cloud/alerts-suppression-rules
upvoted 4 times
...
somsom
3 years ago
the sequence is correct
upvoted 3 times
...
Lion007
3 years, 1 month ago
You can only select one security alert and create a supression rule for it. When selecting multiple security alerts and click 'Supression rules' then click 'Create new suppression rule', the drop down menu under Alerts (when selecting 'Custom') would allow you to select only one alert. That's why I find the answer wrong in terms of sequence of actions. Selecting the security alert (not alerts!) should be last.
upvoted 3 times
JoeP1
2 years ago
I believe Select security alerts means to go to the alerts instead of selecting one or more specific alerts.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel