Summer Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Free Microsoft SC-200 Practice Exam with Questions & Answers | Set: 3

Questions 21

You have a Microsoft 365 E5 subscription that contains two users named User! and User2. You have the hunting query shown in the following exhibit.

SC-200 Question 21

The users perform the following anions:

• User1 assigns User2 the Global administrator role.

• User1 creates a new user named User3 and assigns the user a Microsoft Teams license.

• User2 creates a new user named User4 and assigns the user the Security reader role.

• User2 creates a new user named User5 and assigns the user the Security operator role.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

SC-200 Question 21

Options:
Microsoft SC-200 Premium Access
Questions 22

You have a Microsoft 365 subscription that has Microsoft 365 Defender enabled.

You need to identify all the changes made to sensitivity labels during the past seven days.

What should you use?

Options:
A.

the Incidents blade of the Microsoft 365 Defender portal

B.

the Alerts settings on the Data Loss Prevention blade of the Microsoft 365 compliance center

C.

Activity explorer in the Microsoft 365 compliance center

D.

the Explorer settings on the Email & collaboration blade of the Microsoft 365 Defender portal

Questions 23

You need to configure the Azure Sentinel integration to meet the Azure Sentinel requirements.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

SC-200 Question 23

Options:
Questions 24

You have an existing Azure logic app that is used to block Azure Active Directory (Azure AD) users. The logic app is triggered manually.

You deploy Azure Sentinel.

You need to use the existing logic app as a playbook in Azure Sentinel. What should you do first?

Options:
A.

And a new scheduled query rule.

B.

Add a data connector to Azure Sentinel.

C.

Configure a custom Threat Intelligence connector in Azure Sentinel.

D.

Modify the trigger in the logic app.

Questions 25

You need to restrict cloud apps running on CUENT1 to meet the Microsoft Defender for Endpoint requirements. Which two configurations should you modify? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

Options:
A.

the Cloud Discovery settings in Microsoft Defender for Cloud Apps

B.

the Onboarding settings from Device management in Settings in Microsoft 365 Defender portal

C.

Microsoft Defender for Cloud Apps anomaly detection policies

D.

Advanced features from the Endpoints Settings in the Microsoft 365 Defender portal

Questions 26

You need to configure DC1 to meet the business requirements.

Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

SC-200 Question 26

Options:
Questions 27

You need to configure the Microsoft Sentinel integration to meet the Microsoft Sentinel requirements. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

SC-200 Question 27

Options:
Questions 28

You need to create the analytics rule to meet the Azure Sentinel requirements.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

SC-200 Question 28

Options:
Questions 29

You need to modify the anomaly detection policy settings to meet the Microsoft Defender for Cloud Apps requirements and resolve the reported problem.

Which policy should you modify?

Options:
A.

Activity from suspicious IP addresses

B.

Risky sign-in

C.

Activity from anonymous IP addresses

D.

Impossible travel

Questions 30

You need to implement Azure Defender to meet the Azure Defender requirements and the business requirements.

What should you include in the solution? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

SC-200 Question 30

Options:
Exam Code: SC-200
Certification Provider: Microsoft
Exam Name: Microsoft Security Operations Analyst
Last Update: Jul 15, 2025
Questions: 347

Microsoft Related Exams

MO-200 - Microsoft Excel (Excel and Excel 2019)
SC-100 - Microsoft Cybersecurity Architect
MO-210 - Microsoft Excel (Microsoft 365 Apps)
MO-100 - Microsoft Word (Word and Word 2019)
MB-700 - Microsoft Dynamics 365: Finance and Operations Apps Solution Architect
MS-203 - Microsoft 365 Messaging
77-427 - Excel 2013 Expert Part One
AZ-120 - Planning and Administering Microsoft Azure for SAP Workloads
MB-240 - Microsoft Dynamics 365 for Field Service
MB-310 - Microsoft Dynamics 365 Finance
AZ-104 - Microsoft Azure Administrator
PL-200 - Microsoft Power Platform Functional Consultant
MO-201 - Microsoft Excel Expert (Excel and Excel 2019)
MS-721 - Collaboration Communications Systems Engineer
MB-335 - Microsoft Dynamics 365 Supply Chain Management Functional Consultant Expert
Microsoft Free Access
Get Microsoft Full Access

Microsoft Free Exams
Microsoft Free Exams
Prepare effectively for Microsoft certification exams with free study resources and practice tests from Examstrack.