Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Microsoft Exam SC-200 Topic 8 Question 56 Discussion

Actual exam question for Microsoft's SC-200 exam
Question #: 56
Topic #: 8
[All SC-200 Questions]

You are configuring Azure Sentinel.

You need to send a Microsoft Teams message to a channel whenever a sign-in from a suspicious IP address is detected.

Which two actions should you perform in Azure Sentinel? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer: D

by Lonny at Jul 28, 2023, 11:30 PM

Limited Time Offer

25%

Off

Get Premium SC-200 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Ailene
1 months ago
C and D? Sounds like we're building a fancy Azure Sentinel dashboard rather than automating the response. I think I'll stick with A and B for this one.
upvoted 0 times
Yuki
5 days ago
C and D? Sounds like we're building a fancy Azure Sentinel dashboard rather than automating the response. I think I'll stick with A and B for this one.
upvoted 0 times
...
Makeda
6 days ago
B) Associate a playbook to an incident.
upvoted 0 times
...
Verona
14 days ago
A) Add a playbook.
upvoted 0 times
...
...
Yuette
1 months ago
Hmm, I'm not sure about this one. Maybe we should call in the Azure Sentinel support team - they seem to have a good sense of humor and can probably crack this case wide open!
upvoted 0 times
...
Gregoria
2 months ago
I would go with A and E. The Fusion rule can help detect suspicious activity, and a playbook can automate the response.
upvoted 0 times
Glennis
15 days ago
Yes, having a playbook and Fusion rule in place will definitely improve our incident response process.
upvoted 0 times
...
Sage
19 days ago
I think adding a playbook and enabling the Fusion rule will help us automate the response to suspicious activity.
upvoted 0 times
...
Alesia
20 days ago
I agree, setting up a playbook and enabling the Fusion rule is a good idea.
upvoted 0 times
...
...
Evelynn
2 months ago
A and B are the correct answers. You need to create a playbook to send the Teams message, and then associate that playbook with an incident.
upvoted 0 times
Karma
3 days ago
Great, those are the correct actions to take.
upvoted 0 times
...
Linette
6 days ago
B) Associate a playbook to an incident.
upvoted 0 times
...
Sabina
1 months ago
A) Add a playbook.
upvoted 0 times
...
Gilma
1 months ago
Then associate that playbook with an incident.
upvoted 0 times
...
Venita
2 months ago
You need to create a playbook to send the Teams message.
upvoted 0 times
...
Brett
2 months ago
A and B are the correct answers.
upvoted 0 times
...
...
Tashia
2 months ago
Creating a workbook might be useful for tracking and analyzing the data related to the sign-ins.
upvoted 0 times
...
Anissa
2 months ago
I agree with Alyssa. Enabling the Fusion rule could also help in detecting suspicious IP addresses.
upvoted 0 times
...
Alyssa
3 months ago
I think we should add a playbook and associate it to an incident.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77