DRAG DROP -

You have a Microsoft 365 E5 subscription.

You plan to implement Azure Sentinel to create incidents based on:
✑ Azure Active Directory (Azure AD) Identity Protection alerts
✑ Correlated events from the DeviceProcessEvents table

Which analytic rule types should you use for each incident type? To answer, drag the appropriate rule types to the correct incident types. Each rule type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Select and Place:

Suggested Answer:
Reference:
https://docs.microsoft.com/en-us/azure/sentinel/create-incidents-from-alerts
https://docs.microsoft.com/en-us/azure/sentinel/detect-threats-custom

This question is in MS-500 Microsoft 365 Security Administration Exam
For getting Microsoft Certified: Security, Compliance, and Identity Fundamentals Certificate