SC-100 · Question #55
SC-100 Question #55: Real Exam Question with Answer & Explanation
The correct answer is B: workbooks. {"question_number": 4, "correct_answer": "B", "explanation": "Microsoft Sentinel Workbooks are the correct tool for creating custom dashboards and visualizations of security event data. Built on Azure Monitor Workbooks, they support interactive charts, tables, and queries (KQL) t
Question
You have a Microsoft 365 E5 subscription and an Azure subscription. You are designing a Microsoft Sentinel deployment. You need to recommend a solution for the security operations team. The solution must include custom views and a dashboard for analyzing security events. What should you recommend using in Microsoft Sentinel?
Options
- Aplaybooks
- Bworkbooks
- Cnotebooks
- Dthreat intelligence
Explanation
{"question_number": 4, "correct_answer": "B", "explanation": "Microsoft Sentinel Workbooks are the correct tool for creating custom dashboards and visualizations of security event data. Built on Azure Monitor Workbooks, they support interactive charts, tables, and queries (KQL) that security analysts use to monitor and investigate events in a structured, visual format. Playbooks (A) are automated response workflows built on Azure Logic Apps-they react to alerts, not display them. Notebooks (C) are Jupyter-based analytical tools for deep, ad-hoc data exploration, not persistent dashboards. Threat Intelligence (D) is a data feed and management feature for ingesting and correlating indicators of compromise, not a visualization layer.", "generated_by": "claude-sonnet", "llm_judge_score": 4}
Topics
Community Discussion
No community discussion yet for this question.