Given Answer A is correct. Because it is the most specific thing you can do from the given choices (A, C & D).
https://learn.microsoft.com/en-us/azure/sentinel/configure-fusion-rules#configure-fusion-rules
Fusion is enabled by default in Microsoft Sentinel, as an analytics rule called Advanced multistage attack detection. You can view and change the status of the rule, configure source signals to be included in the Fusion ML model, or exclude specific detection patterns that may not be applicable to your environment from Fusion detection. Learn how to configure the Fusion rule.
Rules ) Option A
connectors are already added, it's listed in existing environment:
"The subscription contains an Azure Sentinel instance that uses the AAD connector and the Office 365 connector."
"suspicious Azure AD sign-ins" => MS Entra ID Protection connector needed. The answer is C.
upvoted 1 times
...
...
...
This section is not available anymore. Please use the main Exam Page.SC-300 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
DeepMoon
Highly Voted 2 years, 2 months agoRoliani
Most Recent 8 months, 2 weeks agodule27
1 year, 5 months agoACSC
2 years agozman_83
2 years, 2 months agoLHADUK
2 years agoDoinitza
9 months, 4 weeks ago