Microsoft Exam SC-200 Topic 2 Question 63 Discussion

Actual exam question for Microsoft's SC-200 exam

Question #: 63
Topic #: 2

[All SC-200 Questions]

You have a Microsoft 365 B5 subscription that uses Microsoft Defender XDR. You are investigating an incident

You need to review the incident tasks that were performed. What can you use on the Incident page?

ATasks only

BTasks and Activity log only

CTasks and Alert timeline only

DTasks, Activity log, and Alert timeline

Show Suggested Answer

Suggested Answer: D

by Dalene at Dec 26, 2023, 09:00 PM

Limited Time Offer

25%

Off

Get Premium SC-200 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Ayesha

17 days ago

I'm not sure, but I think Tasks and Alert timeline might be enough to review the incident tasks.

upvoted 0 times

...

Denae

20 days ago

Option B seems too limited. I'm going with D to get the full picture of what happened.

upvoted 0 times

...

Sherron

21 days ago

I think the correct answer is D. Tasks, Activity log, and Alert timeline provide the most comprehensive view of the incident investigation.

upvoted 0 times

...

Nathan

26 days ago

I agree with Muriel, having access to all three would provide a comprehensive view of the incident.

upvoted 0 times

...

Muriel

27 days ago

I think we can use Tasks, Activity log, and Alert timeline on the Incident page.

upvoted 0 times

...

Dorothy

28 days ago

I'm not sure, but I think Tasks and Alert timeline might be enough to review the incident tasks.

upvoted 0 times

...

Leslie

1 months ago

I agree with Daren, having access to all three would provide a comprehensive view of the incident.

upvoted 0 times

...

Daren

1 months ago

I think we can use Tasks, Activity log, and Alert timeline on the Incident page.

upvoted 0 times

...