Which two actions should you perform in Azure Sentinel?

Posted by: Pdfprep Category: SC-200 Tags: SC-200 exam questions, SC-200 practice exam, Microsoft Certified: Security Operations Analyst Associate Post Date: June 14, 2021

You are configuring Azure Sentinel.

You need to send a Microsoft Teams message to a channel whenever a sign-in from a suspicious IP address is detected.

Which two actions should you perform in Azure Sentinel? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A . Add a playbook.
B . Associate a playbook to an incident.
C . Enable Entity behavior analytics.
D . Create a workbook.
E . Enable the Fusion rule.

Answer: A,B

Explanation:

Reference: https://docs.microsoft.com/en-us/azure/sentinel/tutorial-respond-threats-playbook

Which two actions should you perform in Azure Sentinel?

Author

Leave a Reply Cancel reply