Deal of the Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Microsoft SC-200 Exam

Certification Provider: Microsoft
Exam Name: Microsoft Security Operations Analyst
Number of questions in our database: 185
Exam Version: Jun. 06, 2023
SC-200 Exam Official Topics:
  • Topic 1: Mitigate threats using Azure Defender/ Identify and remediate security risks using Secure Score
  • Topic 2: Identify and remediate security risks related to Conditional Access events/ manage data retention, alert notification, and advanced features
  • Topic 3: Identify and remediate security risks related to Azure Active Directory/ Remediate incidents by using Azure Defender recommendations
  • Topic 4: Identify and remediate security risks related to sign-in risk policies/ Identify data sources to be ingested for Azure Sentinel
  • Topic 5: Detect, investigate, respond, and remediate identity threats/ Configure and manage custom detections and alerts
  • Topic 6: Manage user data discovered during an investigation/ Assess and recommend insider risk policies
  • Topic 7: Investigate Azure Defender alerts and incidents/ Configure device attack surface reduction rules
  • Topic 8: Design and Configure Windows Events collections/ Manage data loss prevention policy alerts
  • Topic 9: Design and configure an Azure Defender implementation/ Configure automated responses in Azure Security Center
  • Topic 10: Identify, investigate, and remediate security risks related to privileged identities/ Design and configure playbook in Azure Defender
  • Topic 11: Identify the prerequisites for a data connector/ Configure detection alerts in Azure AD Identity Protection

Free Microsoft SC-200 Exam Actual Questions

The questions for SC-200 were last updated On Jun. 06, 2023

Question #1

You have an Azure subscription that contains an Microsoft Sentinel workspace.

You need to create a playbook that will run automatically in response to an Microsoft Sentinel alert.

What should you create first?

Reveal Solution Hide Solution
Correct Answer: D

Question #2

You have an Azure subscription that uses Microsoft Defender for Cloud. You need to filter the security alerts view to show the following alerts:

* Unusual user accessed a key vault

* Log on from an unusual location

* Impossible travel activity

Which severity should you use?

Reveal Solution Hide Solution
Correct Answer: C

Question #3

You have a Microsoft 365 subscription that uses Microsoft Defender for Endpoint.

You need to add threat indicators for all the IP addresses in a range of 171.23.3432-171.2334.63. The solution must minimize administrative effort.

What should you do in the Microsoft 365 Defender portal?

Reveal Solution Hide Solution
Correct Answer: C

This will add all the IP addresses in the range of 171.23.34.32/27 as threat indicators. This is the simplest and most efficient way to add all the IP addresses in the range.


Question #4

You have a custom Microsoft Sentinel workbook named Workbooks.

You need to add a grid to Workbook1. The solution must ensure that the grid contains a maximum of 100 rows.

What should you do?

Reveal Solution Hide Solution
Correct Answer: B

Question #5

You have an Azure subscription that uses Microsoft Sentinel.

You need to create a custom report that will visualise sign-in information over time.

What should you create first?

Reveal Solution Hide Solution

Unlock all SC-200 Exam Questions with Advanced Practice Test Features:
  • Select Question Types you want
  • Set your Desired Pass Percentage
  • Allocate Time (Hours : Minutes)
  • Create Multiple Practice tests with Limited Questions
  • Customer Support
Get Full Access Now
Disscuss Microsoft SC-200 Topics, Questions or Ask Anything Related

Save Cancel