SC-200 Practice Test

You need to implement the Azure Information Protection requirements. What should you
configure first?

A.

Device health and compliance reports settings in Microsoft Defender Security Center

B.

scanner clusters in Azure Information Protection from the Azure portal

C.

content scan jobs in Azure Information Protection from the Azure portal

D.

Advanced features from Settings in Microsoft Defender Security Center

You need to create the test rule to meet the Azure Sentinel requirements. What should you
do when you create the rule?

A.

From Set rule logic, turn off suppression

B.

From Analytics rule details, configure the tactics.

C.

From Set rule logic, map the entities

D.

From Analytics rule details, configure the severity.

You need to restrict cloud apps running on CLIENT1 to meet the Microsoft Defender for
Endpoint requirements.
Which two configurations should you modify? Each correct answer present part of the
solution.
NOTE: Each correct selection is worth one point.

A.

the Onboarding settings from Device management in Microsoft Defender Security
Center

B.

Cloud App Security anomaly detection policies

C.

Advanced features from Settings in Microsoft Defender Security Center

D.

the Cloud Discovery settings in Cloud App Security

You need to assign a role-based access control (RBAC) role to admin1 to meet the Azure
Sentinel requirements and the business requirements.
Which role should you assign?

A.

Automation Operator

B.

Automation Runbook Operator

C.

Azure Sentinel Contributor

D.

Logic App Contributor

You need to modify the anomaly detection policy settings to meet the Cloud App Security
requirements. Which policy should you modify?

A.

Activity from suspicious IP addresses

B.

Activity from anonymous IP addresses

C.

Impossible travel

D.

Risky sign-in