Guided project quiz: Configure Microsoft Sentinel to ingest data and detect threats Quiz Answers
In this article I am going to share the Cybersecurity Solutions and Microsoft Defender Week 2 | Guided project quiz: Configure Microsoft Sentinel to ingest data and detect threats Quiz Answers with you.
Enrol Link: Cybersecurity Solutions and Microsoft Defender
Cybersecurity Solutions and Microsoft Defender Week 2 Quiz Answers
Question 1)
Your organization has tasked you with creating customized views of data ingested in Sentinel. Which of the following solutions will be the best choice to deliver these results?
- Enable a Workbook in Microsoft Sentinel
- To create a Microsoft Sentinel workspace
- To configure data connectors
- To explore MITRE ATT&CK
Question 2)
You need to install 3rd party data connectors in the Microsoft Sentinel workspace. What is the first task you should perform?
- Install the 3rd party content hub solution
- Configure the 3rd party data connector
- Create a log analytics workspace for the connectors
- Enable a Workbook in Microsoft Sentinel
Question 3)
In Microsoft Sentinel, you need to monitor for suspicious activity and generate alerts and incidents when identified. What should you create in Microsoft Sentinel?
- Analytic rule
- Logic app
- Automation rule
- Content hub solution
Question 4)
You have the requirement to disable a user account if the user is associated with a high severity alert. What should you create to perform this action?
- Automation rules
- Playbooks
- Analytic rules
- Data connectors
Question 5)
Your team needs to configure a component in Microsoft Sentinel that detects suspicious activity. What solution would you choose to accomplish this task?
- Workbook
- To enable and configure an automation rule
- Playbook
- To enable and configure analytic rules
Question 6)
You have been asked by your manager where they can observe the techniques for the coverage of configured analytic rules in Microsoft Sentinel. Your response would be which of the following?
- By checking the Microsoft Sentinel Content Hub
- On the MITRE ATT&CK page
- In data connectors
- In the configured automation rule itself
Question 7)
When incidents are created in Sentinel, you need to create an incident in an external ticket management system. What should you create in Microsoft Sentinel?
- KQL query
- Content hub solution
- Entity Behavior
- Playbook
Question 8)
Which of the following are not considered “components” as referenced in the course?
- Logic App
- Analytic rules
- Automation rules
- Resource groups
Question 9)
Which of the following is an option when configuring a data connector?
- Installing agents on external resources
- Activating rule templates
- Creating automation rules
- Creating a Workbook
Question 10)
What is the purpose of configuring data connectors in Microsoft Sentinel?
- To create a log analytics workspace
- To explore MITRE ATT&CK
- To enable and configure analytic rules
- To ingest data into Microsoft Sentinel
Question 11)
In Microsoft Sentinel, you need to provide interactive reports that display graphical information about ingested log data. What should you configure?
- Workbooks
- Configuring data connectors
- Installing rule templates
- Activating analytic rules
Question 12)
The security team used MITRE ATT&CK in Microsoft Sentinel for their assessment. Which of the following would they use it for?
- To create workbooks from templates
- Automation rules
- Review tactics and techniques coverage
- To configure data connectors
Question 13)
Why is it vital that a company set up analytic rules in Microsoft Sentinel?
- To protect solutions installed from the Content Hub
- To ingest logs into the workspace
- To generate alerts and incidents of suspicious activity
- To display graphical information about the data
Question 14)
John just finished a guided course on Microsoft Sentinel. What is the least administrative effort that he should take to remove the Azure resources created in the guided project to avoid unnecessary charges on his credit card?
- Delete individual resources one by one
- Delete the Azure subscription
- Delete the Resource Group containing the resources
- Disable the services associated with the resources