SC-200 Exam Question 46
You are configuring Azure Sentinel.
You need to send a Microsoft Teams message to a channel whenever an incident representing a sign-in risk event is activated in Azure Sentinel.
Which two actions should you perform in Azure Sentinel? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
SC-200 Exam Question 47
You have a custom detection rule that includes the following KQL query.

For each of the following statements, select Yes if True. Otherwise select No.
NOTE: Each correct selection is worth one point.



SC-200 Exam Question 48
You need to implement the query for Workbook1 and Webapp1. The solution must meet the Microsoft Sentinel requirements. How should you configure the query? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.


SC-200 Exam Question 49
You have an Azure subscription that contains a Log Analytics workspace named Workspace1.
You configure Azure activity logs and Microsoft Entra ID logs to be forwarded to Workspace1.
You need to identify which Azure resources have been queried or modified by risky users.
How should you complete the KQL query? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.


SC-200 Exam Question 50
You have a Microsoft 365 subscription that has Microsoft 365 Defender enabled.
You need to identify all the changes made to sensitivity labels during the past seven days.
What should you use?






