Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft SC-200 Exam - Topic 1 Question 23 Discussion

You create a hunting query in Azure Sentinel.You need to receive a notification in the Azure portal as soon as the hunting query detects a match on the query. The solution must minimize effort.What should you use?
C) a livestream
A) a playbook
B) a notebook
D) a bookmark

Microsoft SC-200 Exam - Topic 1 Question 23 Discussion

Actual exam question for Microsoft's SC-200 exam
Question #: 23
Topic #: 1
[All SC-200 Questions]

You create a hunting query in Azure Sentinel.

You need to receive a notification in the Azure portal as soon as the hunting query detects a match on the query. The solution must minimize effort.

What should you use?

Show Suggested Answer Hide Answer
Suggested Answer: C

Use livestream to run a specific query constantly, presenting results as they come in.


https://docs.microsoft.com/en-us/azure/sentinel/hunting

by Peggie at May 07, 2022, 09:38 AM

Limited Time Offer

25%

Off

Get Premium SC-200 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Katheryn
7 months ago
I agree, playbooks are super efficient for this!
upvoted 0 times
...
Asuncion
7 months ago
Wait, can a playbook really automate notifications? Sounds too easy.
upvoted 0 times
...
Avery
8 months ago
Definitely not a notebook, that’s too manual.
upvoted 0 times
...
Kenneth
8 months ago
I think a livestream could work too, but not sure.
upvoted 0 times
...
Domitila
8 months ago
A playbook is the way to go!
upvoted 0 times
...
Magdalene
8 months ago
I’m confused about the difference between a notebook and a playbook in this context. I need to double-check which one is more efficient for notifications.
upvoted 0 times
...
Oretha
8 months ago
I’m leaning towards a playbook too, but I wonder if a bookmark could somehow help in tracking the results of the query.
upvoted 0 times
...
Edward
8 months ago
I remember practicing a similar question, and I believe a livestream could be useful for real-time alerts, but it might not be the best fit here.
upvoted 0 times
...
Dudley
8 months ago
I think we might need to use a playbook for notifications, but I'm not entirely sure how it integrates with hunting queries.
upvoted 0 times
...
Gaynell
8 months ago
I'm a bit unsure about this one. I'm not super familiar with reading data from a URL and creating features in ArcGIS. I might need to do some research on the specific tools and methods to use.
upvoted 0 times
...
Shayne
8 months ago
I'm a bit confused here. The options include 10.2.3.2, 10.2.3.1, 192.168.2.0, and 10.1.1.1. I'm not sure which one is the correct next-hop for the default route on CR1. I'll need to double-check the network diagram and think this through.
upvoted 0 times
...
Sharmaine
8 months ago
I think business process to capability mapping could be key here, but I'm not entirely sure if it's the best fit for SOA services.
upvoted 0 times
...

Save Cancel