You have a Microsoft 365 subscription that uses Microsoft 365 Defender. You need to identify all the entities affected by an incident. Which tab should you use in the Microsoft 365 Defender portal? A. Investigations B. Devices C. Evidence and Response D. Alerts Suggested Answer: C The Evidence and Response tab shows all the supported events and suspicious entities in the alerts in the incident. Incorrect: * The Investigations tab lists all the automated investigations triggered by alerts in this incident. Automated investigations will perform remediation actions or wait for analyst approval of actions, depending on how you configured your automated investigations to run in Defender for Endpoint and Defender for Office 365. * Devices The Devices tab lists all the devices related to the incident. Reference: https://docs.microsoft.com/en-us/microsoft-365/security/defender/investigate-incidents This question is in SC-200 Exam For getting Microsoft Security Operations Analyst Associate Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Microsoft. The website does not contain actual questions and answers from Microsoft's Certification Exams. Trademarks, certification & product names are used for reference only and belong to Microsoft.
Please login or Register to submit your answer