Free Microsoft SC-200 Exam Questions

You need to assign a role-based access control (RBAC) role to admin1 to meet the Azure Sentinel requirements and the business requirements. Which role should you assign?

You have a Microsoft 365 subscription that uses Microsoft Defender XDR. You discover that when Microsoft Defender for Endpoint generates alerts for a commonly used executable file, it causes alert fatigue. You need to tune the alerts. Which two actions can an alert tuning rule perform for the alerts? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

You receive an alert from Azure Defender for Key Vault.
You discover that the alert is generated from multiple suspicious IP addresses.
You need to reduce the potential of Key Vault secrets being leaked while you investigate the issue. The solution must be implemented as soon as possible and must minimize the impact on legitimate users.
What should you do first?

You have a Microsoft 365 subscription that contains the following resources: 100 users that are assigned a Microsoft 365 E5 license 100 Windows 11 devices that are joined to the Microsoft Entra tenant The users access their Microsoft Exchange Online mailbox by using Outlook on the web. You need to ensure that if a user account is compromised, the Outlook on the web session token can be revoked. What should you configure?

You use Azure Sentinel. You need to use a built-in role to provide a security analyst with the ability to edit the queries of custom Azure Sentinel workbooks. The solution must use the principle of least privilege. Which role should you assign to the analyst?