New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft SC-200 Exam - Topic 4 Question 104 Discussion

Actual exam question for Microsoft's SC-200 exam
Question #: 104
Topic #: 4
[All SC-200 Questions]

You have the following environment:

Azure Sentinel

A Microsoft 365 subscription

Microsoft Defender for Identity

An Azure Active Directory (Azure AD) tenant

You configure Azure Sentinel to collect security logs from all the Active Directory member servers and domain controllers.

You deploy Microsoft Defender for Identity by using standalone sensors.

You need to ensure that you can detect when sensitive groups are modified in Active Directory.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer: A, D

https://docs.microsoft.com/en-us/defender-for-identity/configure-windows-event-collection

https://docs.microsoft.com/en-us/defender-for-identity/configure-event-collection

by Alona at Jan 05, 2026, 05:16 AM

Limited Time Offer

25%

Off

Get Premium SC-200 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Felicitas
3 days ago
A and D for sure. Wouldn't want any unauthorized changes to those sensitive groups, am I right?
upvoted 0 times
...
Chandra
8 days ago
Definitely A and D. Can't let those pesky hackers mess with our Active Directory!
upvoted 0 times
...
Queen
13 days ago
A and D are the way to go. Gotta keep an eye on those sensitive groups!
upvoted 0 times
...
Lili
18 days ago
Windows Event Forwarding sounds familiar, but I can't recall if it's necessary for detecting changes in sensitive groups.
upvoted 0 times
...
Tamekia
23 days ago
I practiced a similar question about auditing in the Microsoft 365 compliance center, but I don't know if that's the right choice here.
upvoted 0 times
...
Kina
28 days ago
I'm not entirely sure, but I feel like modifying permissions of the Domain Controllers OU could help with monitoring sensitive group changes.
upvoted 0 times
...
Stephen
1 month ago
I think we might need to configure the Advanced Audit Policy for the domain controllers. I remember that being important for tracking changes.
upvoted 0 times
...
Laila
1 month ago
I'm not sure where to start. There are a lot of moving parts here with the different Microsoft services. I'll need to review the details of each component to figure out the best approach.
upvoted 0 times
...
Beatriz
1 month ago
I'm pretty confident I can solve this. The question is asking us to perform two actions, and the answer choices give us some good options to consider, like the Advanced Audit Policy Configuration and Windows Event Forwarding.
upvoted 0 times
...
Thurman
2 months ago
Okay, let's think this through step-by-step. We need to detect changes to sensitive groups in Active Directory, so I'm guessing we'll need to configure some kind of auditing or event forwarding.
upvoted 0 times
...
Tamar
2 months ago
Hmm, I'm a bit confused about the different components here. Azure Sentinel, Microsoft Defender for Identity, and Azure AD - how do they all fit together for this question?
upvoted 0 times
...
Jani
2 months ago
I think I know how to approach this one. The key is to focus on the security monitoring and auditing capabilities of the tools we have available.
upvoted 0 times
...

Save Cancel