SC-200練習試験と学習ガイドは厳密検証された最新な283問題 [Q84-Q100]

Share

SC-200練習試験と学習ガイドは厳密検証されたFast2test最新な283問題

2025年最新のな厳密検証された合格させるSC-200学習ガイドベズトお試しセット

質問 # 84
You have an Azure subscription named Sub1 that uses Microsoft Defender for Cloud.
You need to assign the PCI DSS 4.0 initiative to Sub1 and have the initiative displayed in the Defender for Cloud Regulatory compliance dashboard.
From Security policies in the Environment settings, you discover that the option to add more industry and regulatory standards is unavailable.
What should you do first?

  • A. Configure the Continuous export settings for Log Analytics.
  • B. Disable the Microsoft Cloud Security Benchmark (MCSB) assignment.
  • C. Configure the Continuous export settings for Azure Event Hubs.
  • D. Enable the Cloud Security Posture Management (CSPM) plan for the subscription.

正解:D


質問 # 85
You have a Microsoft Sentinel workspace that contains an Azure AD data connector.
You need to associate a bookmark with an Azure AD-related incident.
What should you do? To answer, drag the appropriate blades to the correct tasks. Each blade may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content NOTE: Each correct selection is worth one point.

正解:

解説:


質問 # 86
Your on-premises network contains 100 servers that run Windows Server.
You have an Azure subscription that uses Microsoft Sentinel.
You need to upload custom logs from the on-premises servers to Microsoft Sentinel.
What should you do? To answer, select the appropriate options m the answer area.

正解:

解説:


質問 # 87
You have an Azure subscription that has Azure Defender enabled for all supported resource types.
You create an Azure logic app named LA1.
You plan to use LA1 to automatically remediate security risks detected in Azure Security Center.
You need to test LA1 in Security Center.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

正解:

解説:

Reference:
https://docs.microsoft.com/en-us/azure/security-center/workflow-automation#create-a-logic-app-and-define-when-it-should-automatically-run


質問 # 88
You deploy Azure Sentinel.
You need to implement connectors in Azure Sentinel to monitor Microsoft Teams and Linux virtual machines in Azure. The solution must minimize administrative effort.
Which data connector type should you use for each workload? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

正解:

解説:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/sentinel/connect-office-365
https://docs.microsoft.com/en-us/azure/sentinel/connect-syslog


質問 # 89
You have a custom detection rule that includes the following KQL query.

For each of the following statements, select Yes if True. Otherwise select No.
NOTE: Each correct selection is worth one point.

正解:

解説:


質問 # 90
You have a Microsoft Sentinel workspace.
You need to create a KQL query that will identify successful sign-ins from multiple countries during the last three hours.
How should you complete the query? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point

正解:

解説:


質問 # 91
You plan to create a custom Azure Sentinel query that will provide a visual representation of the security alerts generated by Azure Security Center.
You need to create a query that will be used to display a bar graph.
What should you include in the query?

  • A. count
  • B. extend
  • C. workspace
  • D. bin

正解:A

解説:
Section: [none]
Explanation/Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/visualize/workbooks-chart-visualizations


質問 # 92
You have a Microsoft 365 E5 subscription that uses Microsoft Exchange Online.
You need to identify phishing email messages.
Which three cmdlets should you run in sequence? To answer, move the appropriate cmdlets from the list of cmdlets to the answer area and arrange them in the correct order.

正解:

解説:

1 - New-ComplianceSearch
2 - Connect-ExchangeOnline
3 - Search-UnifiedAuditLog


質問 # 93
You have a Microsoft 365 subscription that uses Microsoft Defender for Office 365.
You have Microsoft SharePoint Online sites that contain sensitive documents. The documents contain customer account numbers that each consists of 32 alphanumeric characters.
You need to create a data loss prevention (DLP) policy to protect the sensitive documents.
What should you use to detect which documents are sensitive?

  • A. RegEx pattern matching
  • B. Azure Information Protection
  • C. SharePoint search
  • D. a hunting query in Microsoft 365 Defender

正解:B

解説:
Section: [none]
Explanation/Reference:
https://docs.microsoft.com/en-us/azure/information-protection/what-is-information-protection


質問 # 94
You create a hunting query in Azure Sentinel.
You need to receive a notification in the Azure portal as soon as the hunting query detects a match on the query. The solution must minimize effort.
What should you use?

  • A. a notebook
  • B. a bookmark
  • C. a livestream
  • D. a playbook

正解:C

解説:
Use livestream to run a specific query constantly, presenting results as they come in.
Reference:
https://docs.microsoft.com/en-us/azure/sentinel/hunting


質問 # 95
You need to implement the Azure Information Protection requirements. What should you configure first?

  • A. scanner clusters in Azure Information Protection from the Azure portal
  • B. Advanced features from Settings in Microsoft Defender Security Center
  • C. content scan jobs in Azure Information Protection from the Azure portal
  • D. Device health and compliance reports settings in Microsoft Defender Security Center

正解:B

解説:
Topic 2, Litware inc.
Existing Environment
Identity Environment
The network contains an Active Directory forest named litware.com that syncs to an Azure Active Directory (Azure AD) tenant named litware.com.
Microsoft 365 Environment
Litware has a Microsoft 365 E5 subscription linked to the litware.com Azure AD tenant. Microsoft Defender for Endpoint is deployed to all computers that run Windows 10. All Microsoft Cloud App Security built-in anomaly detection policies are enabled.
Azure Environment
Litware has an Azure subscription linked to the litware.com Azure AD tenant. The subscription contains resources in the East US Azure region as shown in the following table.

Network Environment
Each Litware office connects directly to the internet and has a site-to-site VPN connection to the virtual networks in the Azure subscription.
On-premises Environment
The on-premises network contains the computers shown in the following table.

Current problems
Cloud App Security frequently generates false positive alerts when users connect to both offices simultaneously.
Planned Changes
Litware plans to implement the following changes:
Create and configure Azure Sentinel in the Azure subscription.
Validate Azure Sentinel functionality by using Azure AD test user accounts.
Business Requirements
Litware identifies the following business requirements:
* Azure Information Protection Requirements
* All files that have security labels and are stored on the Windows 10 computers must be available from the Azure Information Protection - Data discovery dashboard.
* Microsoft Defender for Endpoint Requirements
* All Cloud App Security unsanctioned apps must be blocked on the Windows 10 computers by using Microsoft Defender for Endpoint.
Microsoft Cloud App Security Requirements
Cloud App Security must identify whether a user connection is anomalous based on tenant-level data.
Azure Defender Requirements
All servers must send logs to the same Log Analytics workspace.
Azure Sentinel Requirements
Litware must meet the following Azure Sentinel requirements:
Integrate Azure Sentinel and Cloud App Security.
Ensure that a user named admin1 can configure Azure Sentinel playbooks.
Create an Azure Sentinel analytics rule based on a custom query. The rule must automatically initiate the execution of a playbook.
Add notes to events that represent data access from a specific IP address to provide the ability to reference the IP address when navigating through an investigation graph while hunting.
Create a test rule that generates alerts when inbound access to Microsoft Office 365 by the Azure AD test user accounts is detected. Alerts generated by the rule must be grouped into individual incidents, with one incident per test user account.


質問 # 96
You have a Microsoft Sentinel workspace.
You need to create a KQL query that will identify successful sign-ins from multiple countries during the last three hours.
How should you complete the query? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point

正解:

解説:

Explanation:


質問 # 97
You need to configure DC1 to meet the business requirements.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

正解:

解説:

Explanation
Text Description automatically generated with medium confidence

Step 1: log in to https://portal.atp.azure.com as a global admin
Step 2: Create the instance
Step 3. Connect the instance to Active Directory
Step 4. Download and install the sensor.
Reference:
https://docs.microsoft.com/en-us/defender-for-identity/install-step1
https://docs.microsoft.com/en-us/defender-for-identity/install-step4


質問 # 98
You provision Azure Sentinel for a new Azure subscription. You are configuring the Security Events connector.
While creating a new rule from a template in the connector, you decide to generate a new alert for every event. You create the following rule query.

By which two components can you group alerts into incidents? Each correct answer presents a complete
solution.
NOTE: Each correct selection is worth one point.

  • A. resource group
  • B. computer
  • C. user
  • D. IP address

正解:B、C


質問 # 99
You purchase a Microsoft 365 subscription.
You plan to configure Microsoft Cloud App Security.
You need to create a custom template-based policy that detects connections to Microsoft 365 apps that originate from a botnet network.
What should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

正解:

解説:

Explanation:

Reference:
https://docs.microsoft.com/en-us/cloud-app-security/anomaly-detection-policy


質問 # 100
......


マイクロソフトSC-200試験は、セキュリティオペレーション領域でスキルと知識を向上させたいセキュリティ専門家を対象としています。この試験では、セキュリティデータの分析、セキュリティインシデントの検出と対応、セキュリティコントロールの実装などのタスクを実行できる能力が求められます。この認定は、セキュリティアナリスト、インシデントレスポンダー、SOCアナリストなどの役割で働く個人に最適であり、競争の激しい求人市場で優れた存在感を示し、新しいキャリアの機会を開くことができます。

 

究極のガイドはSC-200最新時間限定今すぐダウンロード!:https://jp.fast2test.com/SC-200-premium-file.html

2025年最新のな厳密検証された合格できるSC-200試験にはリアル問題と解答:https://drive.google.com/open?id=1HW3OTKUbMcQuCkN031x--CTwlRZWoPiy


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어