You have an Azure subscription that contains a Microsoft Sentinel workspace named WS1. You create a hunting query that detects a new attack vector. The attack vector maps to a tactic listed in the MITRE ATT&CK database. You need to ensure that an incident is created in WS1 when the new attack vector is detected. What should you configure? A. a hunting livestream session B. a query bookmark C. a scheduled query rule D. a Fusion rule  Suggested Answer: C This question is in SC-200 Exam For getting Microsoft Security Operations Analyst Associate Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Microsoft. The website does not contain actual questions and answers from Microsoft's Certification Exams. Trademarks, certification & product names are used for reference only and belong to Microsoft.
Please login or Register to submit your answer