Microsoft Exam SC-200 Topic 9 Question 12 Discussion

Actual exam question for Microsoft's SC-200 exam

Question #: 12
Topic #: 9

Your company uses Microsoft Defender for Endpoint.

The company has Microsoft Word documents that contain macros. The documents are used frequently on the devices of the company's accounting team.

You need to hide false positive in the Alerts queue, while maintaining the existing security posture. Which three actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

AResolve the alert automatically.

BHide the alert.

CCreate a suppression rule scoped to any device.

DCreate a suppression rule scoped to a device group.

EGenerate the alert.

Show Suggested Answer

Suggested Answer: B, C, E

https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/manage-alerts

by Catalina at May 04, 2022, 05:51 PM

Limited Time Offer

25%

Off

Get Premium SC-200 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!