Exam SC-200 topic 3 question 23 discussion

Actual exam question from Microsoft's SC-200
Question #: 23
Topic #: 3

You need to visualize Azure Sentinel data and enrich the data by using third-party data sources to identify indicators of compromise (IoC).
What should you use?

  • A. notebooks in Azure Sentinel
  • B. Microsoft Cloud App Security
  • C. Azure Monitor
  • D. hunting queries in Azure Sentinel
Suggested Answer: A

Comments

werbinich
Highly Voted 3 years, 1 month ago
The Azure portal and all Azure Sentinel tools use a common API to access this data store. The same API is also available for external tools such as Jupyter notebooks and Python. While many common tasks can be carried out in the portal, Jupyter extends the scope of what you can do with this data. It combines full programmability with a huge collection of libraries for machine learning, visualization, and data analysis. These attributes make Jupyter a compelling tool for security investigation and hunting. Thus Correct Answer.
upvoted 32 times
Soldier
2 years, 10 months ago
Great explanation @werbinich
upvoted 1 times
chepeerick
Most Recent 12 months ago
Correct option
upvoted 1 times
creed8171
1 year, 5 months ago
Selected Answer: A
Visualize = Notebooks
upvoted 2 times
Ramye
8 months ago
adding a bit further ... Visualize = Notebooks = Workbook
upvoted 1 times
eddz25
1 year, 9 months ago
Selected Answer: A
A. notebooks in Azure Sentinel.
To visualize Azure Sentinel data and enrich it by using third-party data sources to identify indicators of compromise (IoC), you can use notebooks in Azure Sentinel. Notebooks in Azure Sentinel are interactive documents that allow you to run queries, create visualizations, and perform data analysis on your Azure Sentinel data. They also allow you to connect to other data sources, such as third-party threat intelligence feeds, to enrich the data and identify indicators of compromise (IoCs). Once you have connected to the third-party data source, you can use an Azure Sentinel notebook to blend the data, create visualizations, and perform data analysis to identify the potential attack.
upvoted 1 times
vnez
2 years, 2 months ago
Selected Answer: A
Correct answer
upvoted 2 times
Eltooth
3 years, 1 month ago
A - correct Answer.
upvoted 4 times
Task
3 years, 4 months ago
Correct answer
upvoted 3 times