The Microsoft Security Operations Analyst (SC-200) certification validates your skills in investigating, searching for, and mitigating threats using Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft 365 Defender. This exam tests your ability to perform triage, respond to incidents, mitigate risk by using exposure management, hunt for threats using threat intelligence, and use KQL for reporting, detections, and investigations.
Correct answer: Automatic attack disruption. This is one of 599 practice questions in the SC-200 SC-200: Microsoft Security Operations Analyst pack on ReadRoost.
The SC-200 SC-200: Microsoft Security Operations Analyst study pack on ReadRoost includes 599 practice questions and 350 flashcards, covering 4 exam domains including Manage security threats. Every question has a detailed explanation so you understand why each answer is right or wrong.
Yes. The SC-200 SC-200: Microsoft Security Operations Analyst pack is mapped to the latest official exam objectives and is maintained by the ReadRoost team. You get flashcards with spaced repetition, timed practice exams, and AI-powered explanations.
You need to configure Microsoft Defender XDR to automatically respond to high-confidence phishing attacks. What should you configure?