ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-200 All Questions

View all questions & answers for the SC-200 exam
Go to Exam

Exam SC-200 topic 8 question 2 discussion

Actual exam question from Microsoft's SC-200
Question #: 2
Topic #: 12
[All SC-200 Questions]

You need to remediate active attacks to meet the technical requirements.
What should you include in the solution?

  • A. Azure Automation runbooks
  • B. Azure Logic Apps
  • C. Azure Functions
  • D. Azure Sentinel livestreams
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by AlaReAla at Sept. 23, 2021, 6:36 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Eltooth
Highly Voted 3 years, 7 months ago
Correct. Logic Apss = Playbooks which provide automated workflows to run based on triggers.
upvoted 17 times
Ramye
1 year, 2 months ago
Just adding the below so it’s easy to remember Logic Apps = Playbooks = Automation
upvoted 5 times
...
...
AlaReAla
Highly Voted 3 years, 7 months ago
"Playbooks in Azure Sentinel are based on workflows built in Azure Logic Apps, a cloud service that helps you schedule, automate, and orchestrate tasks and workflows across systems throughout the enterprise. This means that playbooks can take advantage of all the power and customizability of Logic Apps' built-in templates."
upvoted 7 times
...
g_man_rap
Most Recent 8 months, 1 week ago
Selected Answer: D
Explanation: Azure Sentinel is a cloud-native SIEM (Security Information and Event Management) system that provides intelligent security analytics and threat intelligence across the enterprise. Sentinel livestreams allow security teams to create real-time, continuous monitoring streams that can be used to detect and respond to active attacks immediately. This feature is specifically designed for active monitoring and rapid response, making it the best fit for the requirement to "rapidly remediate active attacks."
upvoted 1 times
...
chepeerick
1 year, 6 months ago
Correct option to use playbooks
upvoted 1 times
...
Lion007
2 years, 10 months ago
Selected Answer: B
Correct. Logic apps will help automate remediations via Playbooks. The ketword in the question is "rapidly remediating active attacks".
upvoted 3 times
...
Fllinstone
3 years, 6 months ago
"Active Attack" makes me feel like it's D.
upvoted 6 times
Lafsa
2 years, 4 months ago
I thought the same :D
upvoted 1 times
...
Jens128
3 years, 3 months ago
I felt the same, but livestreams are for "test new queries, get notified when events occurs and launch investigation" - so no imidiate action included
upvoted 7 times
...
Ramye
1 year, 2 months ago
Yes, active attack but also says to remediate rapidly. So how do you do that? Using automation - that’s Playbooks
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago