Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft Exam SC-200 Topic 8 Question 56 Discussion

Actual exam question for Microsoft's SC-200 exam
Question #: 56
Topic #: 8
[All SC-200 Questions]

You are configuring Azure Sentinel.

You need to send a Microsoft Teams message to a channel whenever a sign-in from a suspicious IP address is detected.

Which two actions should you perform in Azure Sentinel? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer: D

by Lonny at Jul 28, 2023, 11:30 PM

Limited Time Offer

25%

Off

Get Premium SC-200 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Ailene
2 months ago
C and D? Sounds like we're building a fancy Azure Sentinel dashboard rather than automating the response. I think I'll stick with A and B for this one.
upvoted 0 times
Yuki
12 days ago
C and D? Sounds like we're building a fancy Azure Sentinel dashboard rather than automating the response. I think I'll stick with A and B for this one.
upvoted 0 times
...
Makeda
13 days ago
B) Associate a playbook to an incident.
upvoted 0 times
...
Verona
21 days ago
A) Add a playbook.
upvoted 0 times
...
...
Yuette
2 months ago
Hmm, I'm not sure about this one. Maybe we should call in the Azure Sentinel support team - they seem to have a good sense of humor and can probably crack this case wide open!
upvoted 0 times
...
Gregoria
2 months ago
I would go with A and E. The Fusion rule can help detect suspicious activity, and a playbook can automate the response.
upvoted 0 times
Glennis
22 days ago
Yes, having a playbook and Fusion rule in place will definitely improve our incident response process.
upvoted 0 times
...
Sage
26 days ago
I think adding a playbook and enabling the Fusion rule will help us automate the response to suspicious activity.
upvoted 0 times
...
Alesia
27 days ago
I agree, setting up a playbook and enabling the Fusion rule is a good idea.
upvoted 0 times
...
...
Evelynn
2 months ago
A and B are the correct answers. You need to create a playbook to send the Teams message, and then associate that playbook with an incident.
upvoted 0 times
Carmelina
6 days ago
Yes, creating a playbook and associating it with an incident will allow you to send a Teams message when a suspicious sign-in is detected.
upvoted 0 times
...
Karma
10 days ago
Great, those are the correct actions to take.
upvoted 0 times
...
Linette
13 days ago
B) Associate a playbook to an incident.
upvoted 0 times
...
Sabina
1 months ago
A) Add a playbook.
upvoted 0 times
...
Gilma
1 months ago
Then associate that playbook with an incident.
upvoted 0 times
...
Venita
2 months ago
You need to create a playbook to send the Teams message.
upvoted 0 times
...
Brett
2 months ago
A and B are the correct answers.
upvoted 0 times
...
...
Tashia
3 months ago
Creating a workbook might be useful for tracking and analyzing the data related to the sign-ins.
upvoted 0 times
...
Anissa
3 months ago
I agree with Alyssa. Enabling the Fusion rule could also help in detecting suspicious IP addresses.
upvoted 0 times
...
Alyssa
3 months ago
I think we should add a playbook and associate it to an incident.
upvoted 0 times
...

Save Cancel