HOTSPOT -
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
Suggested Answer:
Box 1: No - Microsoft Sentinel data connectors are available for non-Microsoft services like Amazon Web Services.
Box 2: Yes - Once you have connected your data sources to Microsoft Sentinel, you can visualize and monitor the data using the Microsoft Sentinel adoption of Azure Monitor Workbooks, which provides versatility in creating custom dashboards. While the Workbooks are displayed differently in Microsoft Sentinel, it may be useful for you to see how to create interactive reports with Azure Monitor Workbooks. Microsoft Sentinel allows you to create custom workbooks across your data, and also comes with built-in workbook templates to allow you to quickly gain insights across your data as soon as you connect a data source.
Box 3: Yes - To help security analysts look proactively for new anomalies that weren't detected by your security apps or even by your scheduled analytics rules, Microsoft Sentinel's built-in hunting queries guide you into asking the right questions to find issues in the data you already have on your network.
Reference:
https://docs.microsoft.com/en-us/azure/sentinel/data-connectors-reference
https://docs.microsoft.com/en-us/azure/sentinel/monitor-your-data
https://docs.microsoft.com/en-us/azure/sentinel/hunting
The answer is No, Yes, Yes
https://learn.microsoft.com/en-us/azure/sentinel/data-connectors-reference
https://learn.microsoft.com/en-us/azure/sentinel/monitor-your-data?tabs=azure-portal
https://learn.microsoft.com/en-us/azure/sentinel/hunting?tabs=azure-portal
NYY
3) Use queries before, during, and after a compromise to take the following actions:
Before an incident occurs: Waiting on detections is not enough. Take proactive action by running any threat-hunting queries related to the data you're ingesting into your workspace at least once a week.
Results from your proactive hunting provide early insight into events that may confirm that a compromise is in process, or will at least show weaker areas in your environment that are at risk and need attention.
https://learn.microsoft.com/en-us/azure/sentinel/hunting#use-built-in-queries
NYY is the answer.
https://learn.microsoft.com/en-us/azure/sentinel/overview#collect-data-by-using-data-connectors
Microsoft Sentinel has built-in connectors to the broader security and applications ecosystems for non-Microsoft solutions. You can also use common event format, Syslog, or REST-API to connect your data sources with Microsoft Sentinel.
https://learn.microsoft.com/en-us/azure/sentinel/overview#create-interactive-reports-by-using-workbooks
After you onboard to Microsoft Sentinel, monitor your data by using the integration with Azure Monitor workbooks.
https://learn.microsoft.com/en-us/azure/sentinel/hunting
As security analysts and investigators, you want to be proactive about looking for security threats, but your various systems and security appliances generate mountains of data that can be difficult to parse and filter into meaningful events. Microsoft Sentinel has powerful hunting search and query tools to hunt for security threats across your organization's data sources. To help security analysts look proactively for new anomalies that weren't detected by your security apps or even by your scheduled analytics rules, Microsoft Sentinel's built-in hunting queries guide you into asking the right questions to find issues in the data you already have on your network.