You have an Azure subscription that contains a virtual machine named VM1 and uses Azure Defender. Azure Defender has automatic provisioning enabled. You need to create a custom alert suppression rule that will supress false positive alerts for suspicious use of PowerShell on VM1. What should you do first? A. From Azure Security Center, add a workflow automation. B. On VM1, run the Get-MPThreatCatalog cmdlet. C. On VM1 trigger a PowerShell alert. D. From Azure Security Center, export the alerts to a Log Analytics workspace. Â Suggested Answer: C Reference: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/manage-alerts?view=o365-worldwide This question is in SC-200 Exam For getting Microsoft Security Operations Analyst Associate Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Microsoft. The website does not contain actual questions and answers from Microsoft's Certification Exams. Trademarks, certification & product names are used for reference only and belong to Microsoft.
Please login or Register to submit your answer