Join the discussion
Question 1/130
You have a Microsoft 365 E5 subscription that is linked to a hybrid Azure AD tenant.
You need to identify all the changes made to Domain Admins group during the past 30 days.
What should you use?
You need to identify all the changes made to Domain Admins group during the past 30 days.
What should you use?
Correct Answer: B
Add Comments
- Other Question (130q)
- Q1. You have a Microsoft 365 E5 subscription that is linked to a hybrid Azure AD tenant. You n...
- Q2. You need to implement Azure Sentinel queries for Contoso and Fabrikam to meet the technica...
- Q3. You have the following KQL query. (Exhibit)
- Q4. You have the resources shown in the following table. (Exhibit) You need to prevent duplica...
- Q5. You have a Microsoft 365 E5 subscription. You plan to perform cross-domain investigations ...
- Q6. You need to create the analytics rule to meet the Azure Sentinel requirements. What should...
- Q7. You need to create a query to investigate DNS-related activity. The solution must meet the...
- Q8. You need to configure DC1 to meet the business requirements. Which four actions should you...
- Q9. You are investigating an incident by using Microsoft 365 Defender. You need to create an a...
- Q10. You plan to create a custom Azure Sentinel query that will provide a visual representation...
- Q11. Your company uses Azure Security Center and Azure Defender. The security operations team a...
- Q12. You are investigating an incident by using Microsoft 365 Defender. You need to create an a...
- Q13. You purchase a Microsoft 365 subscription. You plan to configure Microsoft Cloud App Secur...
- Q14. You have a Microsoft Sentinel workspace named Workspaces You configure Workspace1 to c oll...
- Q15. Your company uses Azure Sentinel to manage alerts from more than 10,000 IoT devices. A sec...
- Q16. You have the following SQL query. (Exhibit)
- Q17. You have an Azure subscription linked to an Azure Active Directory (Azure AD) tenant. The ...
- Q18. You have an Azure subscription. You plan to implement an Microsoft Sentinel workspace. You...
- Q19. Your company uses Azure Security Center and Azure Defender. The security operations team a...
- Q20. Note: This question is part of a series of questions that present the same scenario. Each ...
- Q21. You have a Microsoft 365 E5 subscription that contains 200 Windows 10 devices enrolled in ...
- Q22. You have a Microsoft 365 subscription that uses Microsoft Defender for Endpoint. You need ...
- Q23. You have an Azure subscription that contains an Microsoft Sentinel workspace. You need to ...
- Q24. You need to configure the Azure Sentinel integration to meet the Azure Sentinel requiremen...
- Q25. You purchase a Microsoft 365 subscription. You plan to configure Microsoft Cloud App Secur...
- Q26. You need to minimize the effort required to investigate the Microsoft Defender for Identit...
- Q27. From Azure Sentinel, you open the Investigation pane for a high-severity incident as shown...
- Q28. You have an Azure subscription that uses Microsoft Sentinel. You need to minimize the admi...
- Q29. You are informed of an increase in malicious email being received by users. You need to cr...
- Q30. A company wants to analyze by using Microsoft 365 Apps. You need to describe the connected...
- Q31. You have the following advanced hunting query in Microsoft 365 Defender. (Exhibit) You nee...
- Q32. You have an Azure subscription that has Microsoft Defender for Cloud enabled. You have a v...
- Q33. Your company uses Azure Sentinel. A new security analyst reports that she cannot assign an...
- Q34. You have an Azure subscription that contains a virtual machine named VM1 and uses Azure De...
- Q35. You create a new Azure subscription and start collecting logs for Azure Monitor. You need ...
- Q36. You need to receive a security alert when a user attempts to sign in from a location that ...
- Q37. You need to visualize Azure Sentinel data and enrich the data by using third-party data so...
- Q38. You have a playbook in Azure Sentinel. When you trigger the playbook, it sends an email to...
- Q39. You have a Microsoft Sentinel workspace that contains the following incident. Brute force ...
- Q40. You are informed of an increase in malicious email being received by users. You need to cr...
- Q41. You are informed of a new common vulnerabilities and exposures (CVE) vulnerability that af...
- Q42. You have an Azure subscription that uses Azure Defender. You plan to use Azure Security Ce...
- Q43. You are responsible for responding to Azure Defender for Key Vault alerts. During an inves...
- Q44. You purchase a Microsoft 365 subscription. You plan to configure Microsoft Cloud App Secur...
- Q45. You have an Azure subscription that uses resource type for Cloud. You need to filter the s...
- Q46. HOTSPOT You are informed of an increase in malicious email being received by users. You ne...
- Q47. You have a Microsoft 365 E5 subscription that contains 200 Windows 10 devices enrolled in ...
- Q48. You have a Microsoft Sentinel workspace that contains an Azure AD data connector. You need...
- Q49. You need to complete the query for failed sign-ins to meet the technical requirements. Whe...
- Q50. You have a Microsoft 365 subscription that uses Microsoft 365 Defender and contains a user...
- Q51. Note: This question is part of a series of questions that present the same scenario. Each ...
- Q52. HOTSPOT for the Azure virtual You need to recommend remediation actions for the Azure Defe...
- Q53. You have an Azure subscription that contains an Microsoft Sentinel workspace. You need to ...
- Q54. Your company uses Azure Sentinel. A new security analyst reports that she cannot assign an...
- Q55. You have a Microsoft Sentinel workspace named sws1. You need to create a hunting query to ...
- Q56. You have an Azure subscription. You need to delegate permissions to meet the following req...
- Q57. You have an Azure subscription linked to an Azure Active Directory (Azure AD) tenant. The ...
- Q58. You have an Azure subscription that has Azure Defender enabled for all supported resource ...
- Q59. You need to implement Microsoft Defender for Cloud to meet the Microsoft Defender for Clou...
- Q60. You deploy Azure Sentinel. You need to implement connectors in Azure Sentinel to monitor M...
- Q61. You are informed of an increase in malicious email being received by users. You need to cr...
- Q62. You have the resources shown in the following table. (Exhibit) You need to prevent duplica...
- Q63. You have a Microsoft 365 E5 subscription that uses Microsoft 365 Defender for Endpoint. Yo...
- Q64. You need to recommend remediation actions for the Azure Defender alerts for Fabrikam. What...
- Q65. You need to implement Azure Defender to meet the Azure Defender requirements and the busin...
- Q66. Your company stores the data for every project in a different Azure subscription. All the ...
- Q67. You need to create a query for a workbook. The query must meet the following requirements:...
- Q68. You need to meet the Microsoft Sentinel requirements for collecting Windows Security event...
- Q69. You purchase a Microsoft 365 subscription. You plan to configure Microsoft Cloud App Secur...
- Q70. You have an Azure subscription that uses Microsoft Defender fof Ctoud. You have an Amazon ...
- Q71. You have an Azure Storage account that will be accessed by multiple Azure Function apps du...
- Q72. A company wants to analyze by using Microsoft 365 Apps. You need to describe the connected...
- Q73. You have a custom Microsoft Sentinel workbook named Workbooks. You need to add a grid to W...
- Q74. You have resources in Azure and Google cloud. You need to ingest Google Cloud Platform (GC...
- Q75. You are investigating a potential attack that deploys a new ransomware strain. You plan to...
- Q76. You have a Microsoft Sentinel workspace that contains an Azure AD data connector. You need...
- Q77. You have a Microsoft 365 E5 subscription that uses Microsoft Defender and an Azure subscri...
- Q78. You need to create the analytics rule to meet the Azure Sentinel requirements. What should...
- Q79. From Azure Sentinel, you open the Investigation pane for a high-severity incident as shown...
- Q80. You have an Azure subscription. You need to delegate permissions to meet the following req...
- Q81. You plan to create a custom Azure Sentinel query that will track anomalous Azure Active Di...
- Q82. You have a Microsoft 365 E5 subscription. You plan to perform cross-domain investigations ...
- Q83. You have an Azure subscription that uses Azure Defender. You plan to use Azure Security Ce...
- Q84. You need to meet the Microsoft Defender for Cloud Apps requirements What should you do? To...
- Q85. Your company stores the data for every project in a different Azure subscription. All the ...
- Q86. You have the following SQL query. (Exhibit)
- Q87. You need to recommend remediation actions for the Azure Defender alerts for Fabrikam. What...
- Q88. You have a Microsoft Sentinel workspace that contains an Azure AD data connector. You need...
- Q89. You have an Azure subscription linked to an Azure Active Directory (Azure AD) tenant. The ...
- Q90. You use Azure Sentinel to monitor irregular Azure activity. You create custom analytics ru...
- Q91. You need to meet the Microsoft Sentinel requirements for App1. What should you configure f...
- Q92. You have a Microsoft 365 E5 subscription that uses Microsoft Defender and an Azure subscri...
- Q93. You have a Microsoft subscription that has Microsoft Defender for Cloud enabled You config...
- Q94. You need to create a query for a workbook. The query must meet the following requirements:...
- Q95. You have an Azure Storage account that will be accessed by multiple Azure Function apps du...
- Q96. You need to use an Azure Resource Manager template to create a workflow automation that wi...
- Q97. You have an Azure Storage account that will be accessed by multiple Azure Function apps du...
- Q98. You need to recommend remediation actions for the Azure Defender alerts for Fabrikam. What...
- Q99. You have a Microsoft 365 E5 subscription. You plan to perform cross-domain investigations ...
- Q100. You have an Azure Storage account that will be accessed by multiple Azure Function apps du...
- Q101. You need to recommend remediation actions for the Azure Defender alerts for Fabrikam. What...
- Q102. You have an Azure Functions app that generates thousands of alerts in Azure Security Cente...
- Q103. You have a Microsoft Sentinel workspace that contains an Azure AD data connector. You need...
- Q104. You have a Microsoft 365 E5 subscription that uses Microsoft 365 Defender. You need to rev...
- Q105. You have a Microsoft Sentinel workspace named Workspaces You configure Workspace1 to c oll...
- Q106. You need to correlate data from the SecurityEvent Log Anarytks table to meet the Microsoft...
- Q107. You need to use an Azure Sentinel analytics rule to search for specific criteria in Amazon...
- Q108. You plan to create a custom Azure Sentinel query that will provide a visual representation...
- Q109. You have a Microsoft Sentinel workspace named workspace1 and an Azure virtual machine name...
- Q110. You need to add notes to the events to meet the Azure Sentinel requirements. Which three a...
- Q111. You use Azure Sentinel. You need to receive an immediate alert whenever Azure Storage acco...
- Q112. Note: This question is part of a series of questions that present the same scenario. Each ...
- Q113. You have an Azure subscription that uses Microsoft Defender for Cloud and contains a stora...
- Q114. HOTSPOT for the Azure virtual You need to recommend remediation actions for the Azure Defe...
- Q115. You need to create an advanced hunting query to investigate the executive team issue. How ...
- Q116. You have a Microsoft 365 subscription that uses Microsoft 365 Defender A remediation actio...
- Q117. Your company deploys Azure Sentinel. You plan to delegate the administration of Azure Sent...
- Q118. You have a Microsoft 365 tenant that uses Microsoft Exchange Online and Microsoft Defender...
- Q119. You have an Azure subscription that use Microsoft Defender for Cloud and contains a user n...
- Q120. You have two Azure subscriptions that use Microsoft Defender for Cloud. You need to ensure...
- Q121. You have an Azure subscription that has Azure Defender enabled for all supported resource ...
- Q122. You have an Azure subscription that uses Microsoft Sentinel. You need to create a custom r...
- Q123. A company wants to analyze by using Microsoft 365 Apps. You need to describe the connected...
- Q124. You need to use an Azure Sentinel analytics rule to search for specific criteria in Amazon...
- Q125. You have an existing Azure logic app that is used to block Azure Active Directory (Azure A...
- Q126. Your on-premises network contains 100 servers that run Windows Server. You have an Azure s...
- Q127. You need to recommend remediation actions for the Azure Defender alerts for Fabrikam. What...
- Q128. You need to restrict cloud apps running on CUENT1 to meet the Microsoft Defender for Endpo...
- Q129. You need to configure the Microsoft Sentinel integration to meet the Microsoft Sentinel re...
- Q130. You have the resources shown in the following table. (Exhibit) You need to prevent duplica...
