ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-200 All Questions

View all questions & answers for the SC-200 exam
Go to Exam

Exam SC-200 topic 2 question 32 discussion

Actual exam question from Microsoft's SC-200
Question #: 32
Topic #: 2
[All SC-200 Questions]

DRAG DROP
-

You have a Microsoft subscription that has Microsoft Defender for Cloud enabled.

You configure the Azure logic apps shown in the following table.



You need to configure an automatic action that will run if a Suspicious process executed alert is triggered. The solution must minimize administrative effort.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Show Suggested Answer Hide Answer
Suggested Answer:
by QM21 at Jan. 17, 2023, 6:21 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
saurabh123sml
Highly Voted 1 year, 4 months ago
Filter by Alert Title Take Action Trigger Automated Response
upvoted 46 times
HAjouz
4 days ago
Select Take action. Configure the Trigger automated response settings. Configure the Prevent future attacks settings.
upvoted 1 times
...
...
ACSC
Highly Voted 1 year, 4 months ago
Filter by alert title Select Take action Configure the Trigger automated response settings https://learn.microsoft.com/en-us/azure/defender-for-cloud/managing-and-responding-alerts#respond-to-security-alerts
upvoted 22 times
RodrigoLima
1 year, 4 months ago
Actually correct! Just pay attention to the link content. "Trigger automated response - provides the option to trigger a logic app as a response to this security alert" while "Prevent future attacks - provides security recommendations to help reduce the attack surface, increase security posture, and thus prevent future attacks"
upvoted 3 times
...
...
Jay_13
Most Recent 4 months, 1 week ago
Filter by Alert Title Select Take Action Trigger Automated Response
upvoted 2 times
...
chepeerick
7 months, 3 weeks ago
Filter by Alert Title Take Action Trigger Automated Respons
upvoted 1 times
...
donathon
9 months, 3 weeks ago
Filter by Alert Title Take Actions Configure the Trigger Automated Response settings
upvoted 1 times
...
XLR8T2
11 months ago
La respuesta correcta es: 1. Filter by alert title 2. Select take action 3. Configure Trigger automard response settings Con esto utilizas el LogicApp_2 previamente informado en la pregunta.
upvoted 1 times
...
ct1984
1 year ago
It's INCREDIBLY frustrating that the answers are NEVER updated.
upvoted 17 times
Ramye
4 months, 1 week ago
@ExamTopics, paying attention?
upvoted 2 times
...
...
QM21
1 year, 5 months ago
Shouldn't it mitigate first?
upvoted 1 times
ACSC
1 year, 4 months ago
No, you need to configure an automatic action. Mitigate the threat provides manual remediation steps.
upvoted 4 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago