<< Prev Question Next Question >>

Question 42/102

You have a Microsoft 365 E5 subscription that contains 200 Windows 10 devices enrolled in Microsoft Defender for Endpoint.
You need to ensure that users can access the devices by using a remote shell connection directly from the Microsoft 365 Defender portal. The solution must use the principle of least privilege.
What should you do in the Microsoft 365 Defender portal? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Recent Comments (The most recent comments are at the top.)

sam - Nov 22, 2024

The first answer is correct, but the second answer is wrong.
The network assessment job has nothing to do with the question. It is a feature to scan networks and discover network devices for vulnerability management. The correct answer should be "Automation in Full mode", because it is the only correct answer since the last provided answer is to set Automation to "Not automated" which is not correct as per Microsoft docs on Live Response, check it out here "Ensure that the device has an Automation Remediation level assigned to it." https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/live-response?view=o365-worldwide

LEAVE A REPLY

Your email address will not be published. Required fields are marked *

Question List (102q)
1 commentQuestion 1: You have an Azure subscription that contains a user named Us...
Question 2: You deploy Azure Sentinel. You need to implement connectors ...
Question 3: You use Azure Sentinel to monitor irregular Azure activity. ...
Question 4: Your company uses Azure Sentinel. A new security analyst rep...
1 commentQuestion 5: You have a Microsoft subscription that has Microsoft Defende...
Question 6: Note: This question is part of a series of questions that pr...
Question 7: You need to modify the anomaly detection policy settings to ...
Question 8: You need to restrict cloud apps running on CLIENT1 to meet t...
Question 9: You implement Safe Attachments policies in Microsoft Defende...
Question 10: You need to add notes to the events to meet the Azure Sentin...
Question 11: You plan to create a custom Azure Sentinel query that will t...
Question 12: You have an Azure Sentinel deployment in the East US Azure r...
Question 13: Note: This question is part of a series of questions that pr...
Question 14: You have an Azure subscription that has Azure Defender enabl...
1 commentQuestion 15: You plan to create a custom Azure Sentinel query that will p...
Question 16: You need to remediate active attacks to meet the technical r...
1 commentQuestion 17: You have a Microsoft 365 subscription that uses Microsoft 36...
Question 18: You have an Azure subscription that contains an Azure logic ...
1 commentQuestion 19: You have an Azure subscription that uses Microsoft Defender ...
Question 20: You have an Azure subscription linked to an Azure Active Dir...
1 commentQuestion 21: You have 50 on-premises servers. You have an Azure subscript...
Question 22: Which rule setting should you configure to meet the Microsof...
1 commentQuestion 23: You have an Azure DevOps organization that uses Microsoft De...
Question 24: You have an Azure subscription that use Microsoft Defender f...
Question 25: You have a Microsoft 365 E5 subscription that uses Microsoft...
Question 26: You have the following KQL query. (Exhibit)...
Question 27: A security administrator receives email alerts from Azure De...
Question 28: You need to implement Azure Sentinel queries for Contoso and...
1 commentQuestion 29: You have a Microsoft 365 E5 subscription that uses Microsoft...
1 commentQuestion 30: You have an Azure subscription that uses Microsoft Defender ...
Question 31: Note: This question is part of a series of questions that pr...
Question 32: You need to implement the ASIM query for DNS requests. The s...
Question 33: You need to configure the Microsoft Sentinel integration to ...
Question 34: You have an Azure Functions app that generates thousands of ...
Question 35: You need to implement the Defender for Cloud requirements. W...
Question 36: You have an existing Azure logic app that is used to block A...
1 commentQuestion 37: You have a Microsoft Sentinel workspace named sws1. You plan...
1 commentQuestion 38: You have a suppression rule in Azure Security Center for 10 ...
1 commentQuestion 39: You need to implement the scheduled rule for incident genera...
1 commentQuestion 40: You need to implement the Defender for Cloud requirements. W...
1 commentQuestion 41: You have an Azure subscription that has Microsoft Defender f...
1 commentQuestion 42: You have a Microsoft 365 E5 subscription that contains 200 W...
Question 43: You have a custom detection rule that includes the following...
1 commentQuestion 44: You have an Azure subscription that uses Microsoft Defender ...
1 commentQuestion 45: You have an Azure subscription that contains a Microsoft Sen...
Question 46: You have an Azure subscription that contains a virtual machi...
1 commentQuestion 47: You need to meet the Microsoft Sentinel requirements for App...
Question 48: Your company has an on-premises network that uses Microsoft ...
Question 49: You have a Microsoft 365 subscription that uses Microsoft De...
Question 50: You use Azure Defender. You have an Azure Storage account th...
Question 51: You create a custom analytics rule to detect threats in Azur...
Question 52: You have an Azure subscription that uses Microsoft Defender ...
1 commentQuestion 53: You create a new Azure subscription and start collecting log...
1 commentQuestion 54: You purchase a Microsoft 365 subscription. You plan to confi...
Question 55: You have an Azure subscription. You need to delegate permiss...
1 commentQuestion 56: You need to ensure that the configuration of HuntingQuery1 m...
1 commentQuestion 57: You have a Microsoft 365 E5 subscription that uses Microsoft...
Question 58: You have an Azure subscription. The subscription contains 10...
Question 59: You have an Azure subscription that contains a user named Us...
Question 60: You are configuring Microsoft Cloud App Security. You have a...
Question 61: You need to configure DC1 to meet the business requirements....
2 commentQuestion 62: You have a Microsoft 365 E5 subscription that uses Microsoft...
Question 63: You have a Microsoft 365 E5 subscription that uses Microsoft...
1 commentQuestion 64: You need to configure event monitoring for Server1. The solu...
Question 65: You need to use an Azure Resource Manager template to create...
Question 66: Your company stores the data for every project in a differen...
1 commentQuestion 67: You have an Azure subscription that uses Microsoft Sentinel ...
Question 68: Note: This question is part of a series of questions that pr...
1 commentQuestion 69: You need to identify which mean time metrics to use to meet ...
1 commentQuestion 70: You have an Azure subscription named Sub1 and a Microsoft 36...
Question 71: You need to configure Microsoft Cloud App Security to genera...
Question 72: You need to restrict cloud apps running on CUENT1 to meet th...
1 commentQuestion 73: You have a Microsoft 365 subscription. The subscription uses...
1 commentQuestion 74: You need to meet the Microsoft Sentinel requirements for col...
1 commentQuestion 75: You need to assign a role-based access control (RBAC) role t...
Question 76: You have an Azure subscription. You plan to implement an Mic...
Question 77: You have an Azure subscription that uses Azure Defender. You...
1 commentQuestion 78: You have a custom Microsoft Sentinel workbook named Workbook...
Question 79: You need to receive a security alert when a user attempts to...
Question 80: You need to configure the Azure Sentinel integration to meet...
Question 81: You need to minimize the effort required to investigate the ...
1 commentQuestion 82: You have a Microsoft 365 E5 subscription that uses Microsoft...
1 commentQuestion 83: You have a Microsoft 365 subscription that uses Microsoft De...
Question 84: Your company deploys Azure Sentinel. You plan to delegate th...
Question 85: You have a Microsoft 365 subscription that uses Azure Defend...
1 commentQuestion 86: You have a Microsoft Sentinel playbook that is triggered by ...
Question 87: Note: This question is part of a series of questions that pr...
1 commentQuestion 88: You need to correlate data from the SecurityEvent Log Anaryt...
Question 89: You need to create a query for a workbook. The query must me...
1 commentQuestion 90: You are configuring Azure Sentinel. You need to send a Micro...
Question 91: You need to create the analytics rule to meet the Azure Sent...
Question 92: Note: This question is part of a series of questions that pr...
Question 93: You use Microsoft Sentinel. You need to receive an alert in ...
Question 94: You have a Microsoft 365 subscription that has Microsoft 365...
1 commentQuestion 95: You use Azure Sentinel. You need to use a built-in role to p...
Question 96: You are informed of a new common vulnerabilities and exposur...
1 commentQuestion 97: You have a Microsoft 365 E5 subscription that uses Microsoft...
Question 98: You are informed of an increase in malicious email being rec...
1 commentQuestion 99: You have an Azure subscription that contains an Microsoft Se...
Question 100: You have a Microsoft 365 E5 subscription that uses Microsoft...
Question 101: You have an Azure subscription named Sub1 that uses Microsof...
Question 102: You are investigating an incident by using Microsoft 365 Def...