Microsoft SC-200 Exam Practice Test Instant Access

Question 1

You have an Azure subscription that contains a user named User1.

User1 is assigned an Azure Active Directory Premium Plan 2 license

You need to identify whether the identity of User1 was compromised during the last 90 days.

What should you use?

Athe risk detections report

Bthe risky users report

CIdentity Secure Score recommendations

Dthe risky sign-ins report

Answer : B

Question 2

You are responsible for responding to Azure Defender for Key Vault alerts.

During an investigation of an alert, you discover unauthorized attempts to access a key vault from a Tor exit node.

What should you configure to mitigate the threat?

AKey Vault firewalls and virtual networks

BAzure Active Directory (Azure AD) permissions

Crole-based access control (RBAC) for the key vault

Dthe access policy settings of the key vault

Answer : A

https://docs.microsoft.com/en-us/azure/key-vault/general/network-security

Question 3

You use Azure Sentinel.

You need to use a built-in role to provide a security analyst with the ability to edit the queries of custom Azure Sentinel workbooks. The solution must use the principle of least privilege.

Which role should you assign to the analyst?

AAzure Sentinel Contributor

BSecurity Administrator

CAzure Sentinel Responder

DLogic App Contributor

Answer : C

Azure Sentinel Contributor can create and edit workbooks, analytics rules, and other Azure Sentinel resources.

https://docs.microsoft.com/en-us/azure/sentinel/roles

Question 4

You have an Azure subscription that uses Microsoft Defender for Cloud.

You have a GitHub account named Account1 that contains 10 repositories.

You need to ensure that Defender for Cloud can assess the repositories in Account1.

What should you do first in the Microsoft Defender for Cloud portal?

AAdd an environment.

BEnable security policies.

CEnable integrations.

DEnable a plan.

Answer : A

Question 5

You have a Microsoft 365 subscription. The subscription uses Microsoft 365 Defender and has data loss prevention (DLP) policies that have aggregated alerts configured.

You need to identify the impacted entities in an aggregated alert.

What should you review in the DIP alert management dashboard of the Microsoft Purview compliance portal?

Athe Details tab of the alert

BManagement log

Cthe Sensitive Info Types tab of the alert

Dthe Events tab of the alert

Answer : D

Question 6

You have an Azure subscription that use Microsoft Defender for Cloud and contains a user named User1.

You need to ensure that User1 can modify Microsoft Defender for Cloud security policies. The solution must use the principle of least privilege.

Which role should you assign to User1?

ASecurity operator

BSecurity Admin

COwner

DContributor

Answer : B

Question 7

The issue for which team can be resolved by using Microsoft Defender for Endpoint?

Aexecutive

Bsales

Cmarketing

Answer : C

https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/microsoft- defender-atp-ios

Microsoft Security Operations Analyst SC-200 Exam Practice Test