SC-200 Free Practice Test

- (Exam Topic 1)
You need to recommend a solution to meet the technical requirements for the Azure virtual machines. What should you include in the recommendation?

1. A. just-in-time (JIT) access
2. B. Azure Defender
3. C. Azure Firewall
4. D. Azure Application Gateway

Correct Answer: B
Reference:
https://docs.microsoft.com/en-us/azure/security-center/azure-defender

- (Exam Topic 2)
You need to modify the anomaly detection policy settings to meet the Cloud App Security requirements. Which policy should you modify?

1. A. Activity from suspicious IP addresses
2. B. Activity from anonymous IP addresses
3. C. Impossible travel
4. D. Risky sign-in

Correct Answer: C
Reference:
https://docs.microsoft.com/en-us/cloud-app-security/anomaly-detection-policy

- (Exam Topic 3)
You have an Azure subscription.
You plan to implement an Microsoft Sentinel workspace. You anticipate that you will ingest 20 GB of security log data per day.
You need to configure storage for the workspace. The solution must meet the following requirements:
• Minimize costs for daily ingested data.
• Maximize the data retention period without incurring extra costs.
What should you do for each requirement? To answer, select the appropriate options in the answer area. NOTE Each correct selection is worth one point.

Solution:


Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Exam Topic 3)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are configuring Azure Sentinel.
You need to create an incident in Azure Sentinel when a sign-in to an Azure virtual machine from a malicious IP address is detected.
Solution: You create a Microsoft incident creation rule for a data connector.
Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A
Reference:
https://docs.microsoft.com/en-us/azure/sentinel/connect-azure-security-center

- (Exam Topic 3)
You use Azure Security Center.
You receive a security alert in Security Center.
You need to view recommendations to resolve the alert in Security Center. What should you do?

1. A. From Security alerts, select the alert, select Take Action, and then expand the Prevent future attacks section.
2. B. From Security alerts, select Take Action, and then expand the Mitigate the threat section.
3. C. From Regulatory compliance, download the report.
4. D. From Recommendations, download the CSV report.

Correct Answer: B
Reference:
https://docs.microsoft.com/en-us/azure/security-center/security-center-managing-and-responding-alerts