SC-200 Exam Question 121

You have a Microsoft 365 subscription that uses Microsoft Defender XDR and contains a Windows device named Device1.
The timeline of Device1 includes three files named File1.ps1, File2.exe, and File3.dll.
You need to submit files for deep analysis in Microsoft Defender XDR.
Which files can you submit?
  • SC-200 Exam Question 122

    Hotspot Question
    You have an Azure subscription named Sub1 that uses Microsoft Defender for Cloud.
    You have an Azure DevOps organization named AzDO1.
    You need to integrate Sub1 and AzDO1. The solution must meet the following requirements:
    - Detect secrets exposed in pipelines by using Defender for Cloud.
    - Minimize administrative effort.
    What should you do? To answer, select the appropriate options in the answer area.
    NOTE: Each correct selection is worth one point.

    SC-200 Exam Question 123

    Hotspot Question
    You have an Azure subscription named Sub1 that contains an Azure key vault named Vault1 and an Azure Automation account named Automation1.
    You need to ensure that Automation1 can access Vault1. The solution1 must meet the following requirements:
    - Ensure that if Automation1 is deleted, the permissions granted for
    Vault1 will be removed automatically.
    - Ensure that runbooks created in Automation1 can read secret values
    stored in Vault1.
    - Follow the principle of least privilege.
    What should you configure for Automation1, and which built-in role should Automation1 use to access Vault1? To answer, select the appropriate options in the answer area.
    NOTE: Each correct answer is worth one point.

    SC-200 Exam Question 124

    Hotspot Question
    Your on-premises network contains 100 servers that run Windows Server.
    You have an Azure subscription that uses Microsoft Sentinel.
    You need to upload custom logs from the on-premises servers to Microsoft Sentinel.
    What should you do? To answer, select the appropriate options in the answer area.
    NOTE: Each correct selection is worth one point.

    SC-200 Exam Question 125

    You receive an alert from Azure Defender for Key Vault.
    You discover that the alert is generated from multiple suspicious IP addresses.
    You need to reduce the potential of Key Vault secrets being leaked while you investigate the issue. The solution must be implemented as soon as possible and must minimize the impact on legitimate users.
    What should you do first?