Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft SC-200 Exam - Topic 4 Question 104 Discussion

Actual exam question for Microsoft's SC-200 exam
Question #: 104
Topic #: 4
[All SC-200 Questions]

You have the following environment:

Azure Sentinel

A Microsoft 365 subscription

Microsoft Defender for Identity

An Azure Active Directory (Azure AD) tenant

You configure Azure Sentinel to collect security logs from all the Active Directory member servers and domain controllers.

You deploy Microsoft Defender for Identity by using standalone sensors.

You need to ensure that you can detect when sensitive groups are modified in Active Directory.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer: A, D

https://docs.microsoft.com/en-us/defender-for-identity/configure-windows-event-collection

https://docs.microsoft.com/en-us/defender-for-identity/configure-event-collection

by Alona at Jan 05, 2026, 05:16 AM

Limited Time Offer

25%

Off

Get Premium SC-200 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Kayleigh
2 days ago
Wait, can D) really help with this? Seems unlikely.
upvoted 0 times
...
Brittni
7 days ago
C) sounds like a good option too!
upvoted 0 times
...
Kristofer
12 days ago
I think B) is a bit overkill, not necessary.
upvoted 0 times
...
Mitzie
17 days ago
A) is definitely needed for auditing!
upvoted 0 times
...
Adolph
22 days ago
A and D, easy peasy. Gotta stay on top of that Active Directory security, am I right?
upvoted 0 times
...
Staci
27 days ago
Haha, I bet the person who wrote this question is an Active Directory ninja. A and D are the way to go!
upvoted 0 times
...
Felicitas
2 months ago
A and D for sure. Wouldn't want any unauthorized changes to those sensitive groups, am I right?
upvoted 0 times
...
Chandra
2 months ago
Definitely A and D. Can't let those pesky hackers mess with our Active Directory!
upvoted 0 times
...
Queen
2 months ago
A and D are the way to go. Gotta keep an eye on those sensitive groups!
upvoted 0 times
...
Lili
2 months ago
Windows Event Forwarding sounds familiar, but I can't recall if it's necessary for detecting changes in sensitive groups.
upvoted 0 times
...
Tamekia
2 months ago
I practiced a similar question about auditing in the Microsoft 365 compliance center, but I don't know if that's the right choice here.
upvoted 0 times
...
Kina
2 months ago
I'm not entirely sure, but I feel like modifying permissions of the Domain Controllers OU could help with monitoring sensitive group changes.
upvoted 0 times
...
Stephen
3 months ago
I think we might need to configure the Advanced Audit Policy for the domain controllers. I remember that being important for tracking changes.
upvoted 0 times
...
Laila
3 months ago
I'm not sure where to start. There are a lot of moving parts here with the different Microsoft services. I'll need to review the details of each component to figure out the best approach.
upvoted 0 times
...
Beatriz
3 months ago
I'm pretty confident I can solve this. The question is asking us to perform two actions, and the answer choices give us some good options to consider, like the Advanced Audit Policy Configuration and Windows Event Forwarding.
upvoted 0 times
...
Thurman
3 months ago
Okay, let's think this through step-by-step. We need to detect changes to sensitive groups in Active Directory, so I'm guessing we'll need to configure some kind of auditing or event forwarding.
upvoted 0 times
...
Tamar
3 months ago
Hmm, I'm a bit confused about the different components here. Azure Sentinel, Microsoft Defender for Identity, and Azure AD - how do they all fit together for this question?
upvoted 0 times
...
Jani
4 months ago
I think I know how to approach this one. The key is to focus on the security monitoring and auditing capabilities of the tools we have available.
upvoted 0 times
...

Save Cancel