
MS-900 · Question #280

MS-900 Question #280: Real Exam Question with Answer & Explanation

The correct answer is A: advanced hunting.

Submitted by satoshi_tk · Mar 5, 2026 · Describe security, compliance, privacy, and trust in Microsoft 365

Question

A company is using Microsoft Defender XDR. The company requires the ability to search for threats, malware, and malicious activity by creating custom detection rules. You need to create custom detection rules. Which component should you use?

Options

  • A. advanced hunting
  • B. threat analytics
  • C. app connectors
  • D. threat trackers
  • E. Microsoft Secure Score

Explanation

In Microsoft Defender XDR, custom detection rules are created using advanced hunting. Advanced hunting provides the powerful query language needed to define the conditions for these rules. You can use advanced hunting queries to identify specific threats or unusual activities within your environment, and then use those queries to create custom detection rules that automatically generate alerts and trigger actions when those conditions are met. https://learn.microsoft.com/en-us/defender-xdr/custom-detection-rules

Topics

#Microsoft Defender XDR #advanced hunting #custom detection rules
