Free Access Microsoft.SC-200.v2023-01-30.q41 Practice Test (Page 3)

Question 6

You have an existing Azure logic app that is used to block Azure Active Directory (Azure AD) users. The logic app is triggered manually.
You deploy Azure Sentinel.
You need to use the existing logic app as a playbook in Azure Sentinel. What should you do first?

A.And a new scheduled query rule.

B.Add a data connector to Azure Sentinel.

C.Configure a custom Threat Intelligence connector in Azure Sentinel.

D.Modify the trigger in the logic app.

Question 7

You need to recommend a solution to meet the technical requirements for the Azure virtual machines. What should you include in the recommendation?

A.just-in-time (JIT) access

B.Azure Defender

C.Azure Firewall

D.Azure Application Gateway

Correct Answer: B

Reference:
https://docs.microsoft.com/en-us/azure/security-center/azure-defender
Topic 2, Litware inc.
Existing Environment
Identity Environment
The network contains an Active Directory forest named litware.com that syncs to an Azure Active Directory (Azure AD) tenant named litware.com.
Microsoft 365 Environment
Litware has a Microsoft 365 E5 subscription linked to the litware.com Azure AD tenant. Microsoft Defender for Endpoint is deployed to all computers that run Windows 10. All Microsoft Cloud App Security built-in anomaly detection policies are enabled.
Azure Environment
Litware has an Azure subscription linked to the litware.com Azure AD tenant. The subscription contains resources in the East US Azure region as shown in the following table.

Network Environment
Each Litware office connects directly to the internet and has a site-to-site VPN connection to the virtual networks in the Azure subscription.
On-premises Environment
The on-premises network contains the computers shown in the following table.

Current problems
Cloud App Security frequently generates false positive alerts when users connect to both offices simultaneously.
Planned Changes
Litware plans to implement the following changes:
Create and configure Azure Sentinel in the Azure subscription.
Validate Azure Sentinel functionality by using Azure AD test user accounts.
Business Requirements
Litware identifies the following business requirements:

Azure Information Protection Requirements
All files that have security labels and are stored on the Windows 10 computers must be available from the Azure Information Protection - Data discovery dashboard.
Microsoft Defender for Endpoint Requirements
All Cloud App Security unsanctioned apps must be blocked on the Windows 10 computers by using Microsoft Defender for Endpoint.
Microsoft Cloud App Security Requirements
Cloud App Security must identify whether a user connection is anomalous based on tenant-level data.
Azure Defender Requirements
All servers must send logs to the same Log Analytics workspace.
Azure Sentinel Requirements
Litware must meet the following Azure Sentinel requirements:
Integrate Azure Sentinel and Cloud App Security.
Ensure that a user named admin1 can configure Azure Sentinel playbooks.
Create an Azure Sentinel analytics rule based on a custom query. The rule must automatically initiate the execution of a playbook.
Add notes to events that represent data access from a specific IP address to provide the ability to reference the IP address when navigating through an investigation graph while hunting.
Create a test rule that generates alerts when inbound access to Microsoft Office 365 by the Azure AD test user accounts is detected. Alerts generated by the rule must be grouped into individual incidents, with one incident per test user account.

Question 8

You need to implement the Azure Information Protection requirements. What should you configure first?

A.Device health and compliance reports settings in Microsoft Defender Security Center

B.scanner clusters in Azure Information Protection from the Azure portal

C.content scan jobs in Azure Information Protection from the Azure portal

D.Advanced features from Settings in Microsoft Defender Security Center

Question 9

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are configuring Azure Sentinel.
You need to create an incident in Azure Sentinel when a sign-in to an Azure virtual machine from a malicious IP address is detected.
Solution: You create a hunting bookmark.
Does this meet the goal?

A.Yes

B.No

Question 10

You have two Azure subscriptions that use Microsoft Defender for Cloud.
You need to ensure that specific Defender for Cloud security alerts are suppressed at the root management group level. The solution must minimize administrative effort.
What should you do in the Azure portal?

A.Create an Azure Policy assignment.

B.Modify the Workload protections settings in Defender for Cloud.

C.Create an alert rule in Azure Monitor.

D.Modify the alert settings in Defender for Cloud.

Other Version: 1033Microsoft.SC-200.v2025-02-04.q228; 1305Microsoft.SC-200.v2024-08-28.q262; 1354Microsoft.SC-200.v2023-03-24.q53; 1782Microsoft.SC-200.v2022-12-27.q112; 2675Microsoft.SC-200.v2022-07-31.q102; 3449Microsoft.SC-200.v2022-02-20.q104; 50Microsoft.Examcollectionpass.SC-200.v2021-09-10.by.cora.41q.pdf; 3476Microsoft.SC-200.v2021-09-09.q39

Latest Upload: 108Salesforce.Certified-Business-Analyst.v2025-10-24.q293; 150Salesforce.B2C-Solution-Architect.v2025-10-23.q111; 117CIPS.L6M1.v2025-10-23.q13; 139Adobe.AD0-E727.v2025-10-23.q69; 178Fortinet.NSE8_812.v2025-10-22.q86; 167HP.HPE2-B04.v2025-10-21.q38; 139Oracle.1Z0-1160-1.v2025-10-21.q18; 156GitHub.GitHub-Advanced-Security.v2025-10-21.q27; 159Oracle.1Z0-084.v2025-10-21.q31; 470CuramSoftware.CS0-003.v2025-10-18.q211

Question 6

Question 7

Question 8

Question 9

Question 10

Download PDF File