Valid SC-200 Dumps shared by PassLeader for Helping Passing SC-200 Exam! PassLeader now offer the newest SC-200 VCE dumps and SC-200 PDF dumps, the PassLeader SC-200 exam questions have been updated and ANSWERS have been corrected, get the newest PassLeader SC-200 dumps with VCE and PDF here: https://www.passleader.com/sc-200.html (282 Q&As Dumps –> 311 Q&As Dumps –> 346 Q&As Dumps)
BTW, DOWNLOAD part of PassLeader SC-200 dumps from Cloud Storage: https://drive.google.com/drive/folders/1D7sX6DDpE-AaGl4QV9bMBXnyAbBcL2CE
NEW QUESTION 267
You have an Azure subscription that uses Microsoft Defender for Cloud and contains 100 virtual machines that run Windows Server. You need to configure Defender for Cloud to collect event data from the virtual machines. The solution must minimize administrative effort and costs. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. Configure auto-provisioning by setting the security event storage to Common.
B. From the Microsoft Endpoint Manager admin center, enable automatic enrollment.
C. From the Azure portal, create an Azure Event Grid subscription.
D. Configure auto-provisioning by setting the security event storage to All Events.
E. From Defender for Cloud in the Azure portal, enable Microsoft Defender for Servers.
Answer: AE
Explanation:
Enable Auto-Provisioning from Defender for Cloud. And there you will be ask which Secrity Events should be stored. It is Nonne – Common – All. And without enabling Defender for servers in the Defender for Cloud Portal this won’t work.
NEW QUESTION 268
You have an Azure subscription that uses Microsoft Defender for Cloud. You have an Amazon Web Services (AWS) subscription. The subscription contains multiple virtual machines that run Windows Server. You need to enable Microsoft Defender for Servers on the virtual machines. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. From Defender for Cloud, enable agentless scanning.
B. Onboard the virtual machines to Microsoft Defender for Endpoint.
C. From Defender for Cloud, configure the AWS connector.
D. Install the Azure Virtual Machine Agent (VM Agent) on each virtual machine.
E. From Defender for Cloud, configure auto-provisioning.
Answer: CE
Explanation:
For a Defender for Servers deployment, you set up a connector, turn off plans you don’t need, configure auto-provisioning settings, authenticate to AWS/GCP, and deploy the settings. Auto-provisioning includes the agents used by Defender for Cloud and the Azure Connected Machine agent for onboarding to Azure with Azure Arc.
https://learn.microsoft.com/en-us/azure/defender-for-cloud/plan-defender-for-servers?source=recommendations
NEW QUESTION 269
You create an Azure subscription named sub1. In sub1, you create a Log Analytics workspace named workspace1. You enable Microsoft Defender for Cloud and configure Defender for Cloud to use workspace1. You need to collect security event logs from the Azure virtual machines that report to workspace1. What should you do?
A. From Defender for Cloud, modify Microsoft Defender for Servers plan settings.
B. In sub1, register a provider.
C. From Defender for Cloud, create a workflow automation.
D. In workspace1, create a workbook.
Answer: A
Explanation:
https://learn.microsoft.com/en-us/azure/defender-for-cloud/tutorial-enable-servers-plan
NEW QUESTION 270
You have an Azure subscription that contains a Microsoft Sentinel workspace named WS1 and 100 virtual machines that run Windows Server. You need to configure the collection of Windows Security event logs for ingestion to WS1. The solution must meet the following requirements:
– Capture a full user audit trail including user sign-in and user sign-out events.
– Minimize the volume of events.
– Minimize administrative effort.
Which event set should you select?
A. Minimal.
B. Common.
C. All events.
D. Custom.
Answer: B
NEW QUESTION 271
You have a Microsoft 365 subscription that uses Microsoft Defender for Cloud Apps and has Cloud Discovery enabled. You need to enrich the Cloud Discovery data. The solution must ensure that usernames in the Cloud Discovery traffic logs are associated with the user principal name (UPN) of the corresponding Microsoft Entra ID user accounts. What should you do first?
A. From Conditional Access App Control, configure User monitoring.
B. Create a Microsoft 365 app connector.
C. Enable automatic redirection to Microsoft 365 Defender.
D. Create an Azure app connector.
Answer: B
NEW QUESTION 272
You have a Microsoft 365 subscription that contains the following resources:
– 100 users that are assigned a Microsoft 365 E5 license.
– 100 Windows 11 devices that are joined to the Microsoft Entra tenant.
The users access their Microsoft Exchange Online mailbox by using Outlook on the web. You need to ensure that if a user account is compromised, the Outlook on the web session token can be revoked. What should you configure?
A. security defaults in Microsoft Entra
B. Microsoft Entra Verified ID
C. a Conditional Access policy in Microsoft Entra
D. Microsoft Entra ID Protection
Answer: C
NEW QUESTION 273
You have an Azure subscription that uses Microsoft Defender for Cloud. You need to configure Defender for Cloud to mitigate the following risks:
– Vulnerabilities within the application source code.
– Exploitation toolkits in declarative templates.
– Operations from malicious IP addresses.
– Exposed secrets.
Which two Defender for Cloud services should you use? (Each correct answer presents part of the solution. Choose two.)
A. Microsoft Defender for Resource Manager
B. Microsoft Defender for DNS
C. Microsoft Defender for App Service
D. Microsoft Defender for Servers
E. Microsoft Defender for DevOps
Answer: AE
NEW QUESTION 274
HotSpot
You have an Azure subscription named Sub1 and an Azure DevOps organization named AzDO1. AzDO1 uses Defender for Cloud and contains a project that has a YAML pipeline named Pipeline1. Pipeline1 outputs the details of discovered open source software vulnerabilities to Defender for Cloud. You need to configure Pipeline to output the results of secret scanning to Defender for Cloud. What should you add to Pipeline1? (To answer, select the appropriate options in the answer area.)
Answer:
Explanation:
https://learn.microsoft.com/en-us/azure/defender-for-cloud/detect-exposed-secrets
NEW QUESTION 275
HotSpot
You have an Azure DevOps organization that uses Microsoft Defender for DevOps. The organization contains an Azure DevOps repository named Repo1 and an Azure Pipelines pipeline named Pipeline1. Pipeline1 is used to build and deploy code stored in Repo1. You need to ensure that when Pipeline1 runs, Microsoft Defender for Cloud can perform secret scanning of the code in Repo1. What should you install in the organization, and what should you add to the YAML file of Pipeline1? (To answer, select the appropriate options in the answer area.)
Answer:
NEW QUESTION 276
HotSpot
You have an Azure subscription that contains a Microsoft Sentinel workspace named WS1. You need to ensure that the incidents in WS1 include a list of actions that must be performed. The solution must meet the following requirements:
– Ensure that you can build a tailored list of actions for each type of incident.
– Minimize administrative effort.
What should you do? (To answer, select the appropriate options in the answer area.)
Answer:
NEW QUESTION 277
Drag and Drop
You have an Azure subscription that uses Microsoft Defender for Cloud. You need to create a workflow that will send a Microsoft Teams message to the IT department of your company when a new Microsoft Secure Score action is generated. Which three actions should you perform in sequence? (To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.)
Answer:
Explanation:
https://learn.microsoft.com/en-us/azure/defender-for-cloud/workflow-automation
NEW QUESTION 278
Drag and Drop
You have a Microsoft 365 E5 subscription that uses Microsoft Exchange Online. You need to identify phishing email messages. Which three cmdlets should you run in sequence? (To answer, move the appropriate cmdlets from the list of cmdlets to the answer area and arrange them in the correct order.)
Answer:
NEW QUESTION 279
……
Get the newest PassLeader SC-200 VCE dumps here: https://www.passleader.com/sc-200.html (282 Q&As Dumps –> 311 Q&As Dumps –> 346 Q&As Dumps)
And, DOWNLOAD the newest PassLeader SC-200 PDF dumps from Cloud Storage for free: https://drive.google.com/drive/folders/1D7sX6DDpE-AaGl4QV9bMBXnyAbBcL2CE