Microsoft SC-200 Exam - Topic 3 Question 41 Discussion

Actual exam question for Microsoft's SC-200 exam
Question #: 41
Topic #: 3

You have a Microsoft Sentinel workspace named workspace1 that contains custom Kusto queries.

You need to create a Python-based Jupyter notebook that will create visuals. The visuals will display the results of the queries and be pinned to a dashboard. The solution must minimize development effort.

What should you use to create the visuals?

Suggested Answer: C

msticpy is a library for InfoSec investigation and hunting in Jupyter Notebooks. It includes functionality to query log data from multiple sources; enrich the data with Threat Intelligence, geolocations and Azure resource data; extract Indicators of Activity (IoA) from logs; and unpack encoded data.

MSTICPy reduces the amount of code that customers need to write for Microsoft Sentinel, and provides:

- Data query capabilities, against Microsoft Sentinel tables, Microsoft Defender for Endpoint, Splunk, and other data sources.
- Threat intelligence lookups with TI providers, such as VirusTotal and AlienVault OTX.
- Enrichment functions like geolocation of IP addresses, Indicator of Compromise (IoC) extraction, and WhoIs lookups.
- Visualization tools using event timelines, process trees, and geo mapping.
- Advanced analyses, such as time series decomposition, anomaly detection, and clustering.


https://docs.microsoft.com/en-us/azure/sentinel/notebook-get-started

https://msticpy.readthedocs.io/en/latest/

Contribute your Thoughts:

Leonida
4 months ago
msticpy is designed for this kind of task, makes sense!
upvoted 0 times
...
Edna
4 months ago
Wait, TensorFlow for visuals? That seems off.
upvoted 0 times
...
Lizbeth
4 months ago
I disagree, matplotlib is more straightforward.
upvoted 0 times
...
Alethea
4 months ago
Plotly is great for visuals too!
upvoted 0 times
...
Meghan
5 months ago
I think msticpy is the best choice here.
upvoted 0 times
...
Scarlet
5 months ago
I feel like matplotlib is more traditional, but I wonder if it’s the most efficient for this specific task.
upvoted 0 times
...
Agustin
5 months ago
I practiced a similar question where we had to choose between matplotlib and plotly, and I think plotly won for ease of use.
upvoted 0 times
...
Georgene
5 months ago
I think plotly is a good choice for interactive visuals, but I can't recall if it directly supports dashboard pinning.
upvoted 0 times
...
Na
5 months ago
I remember we discussed using msticpy for integrating with Microsoft Sentinel, but I'm not sure if it's the best for visuals.
upvoted 0 times
...
Jaime
5 months ago
Hmm, I'm a bit unsure about this one. The range is from 1 to 80, so I'm not sure if the "less than 0" and "more than 80" options are valid equivalence classes. I'll need to think this through carefully.
upvoted 0 times
...
Carmela
5 months ago
Ah, I remember learning about this in class. The Limits class is the one that has methods to get the current usage of various governor limits, including DML statements. I'm confident that's the right answer.
upvoted 0 times
...