A security team wants suspicious artifacts on some endpoints to be remediated only after analyst approval, while keeping investigations automatic. Which Defender for Endpoint automation approach fits best?
More Manage a security operations environment Questions
83 questions
Full Microsoft Certified: Security Operations Analyst Associate Practice Test
All topics covered
All Microsoft Certified: Security Operations Analyst Associate Questions
Browse by topic
Related Questions
A security lead wants email alerts from Microsoft Defender XDR when new incidents meet configured se...
Which Microsoft service underpins Microsoft Sentinel playbooks?...
A SOC needs to collect Windows Security events into Microsoft Sentinel by using Azure Monitor Agent....
Which Microsoft Sentinel analytics rule type is designed for near real-time detection with minimal l...
A detection engineer wants to review how current detections align to adversary tactics and technique...
Educational Content — CertQnA practice questions are written against official exam objectives, covering the same domains tested on the real exam. All content is original and independent — not actual exam questions, not affiliated with any certification vendor. Learn more about our content policy
Discussion
Be the first to share your understanding of this concept
Sign in to join the discussion