
SC-100 Question #83: Real Exam Question with Answer & Explanation

The correct answer is D: Microsoft Sentinel.

Design security operations, identity, and compliance capabilities

Question

A customer has a Microsoft 365 E5 subscription and an Azure subscription. The customer wants to centrally manage security incidents, analyze logs, audit activity, and hunt for potential threats across all deployed services. You need to recommend a solution for the customer. The solution must minimize costs. What should you include in the recommendation?

Options

  • A. Microsoft 365 Defender
  • B. Microsoft Defender for Cloud
  • C. Microsoft Defender for Cloud Apps
  • D. Microsoft Sentinel

Explanation

Microsoft Sentinel is the correct recommendation. It is a cloud-native SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) platform that centralizes security incident management, log analysis, audit activity review, and threat hunting across ALL deployed services, including Azure, Microsoft 365, and third-party solutions. Since the customer already has a Microsoft 365 E5 subscription (which includes Microsoft 365 Defender) and an Azure subscription, Sentinel consolidates everything into one pane and minimizes costs by avoiding multiple overlapping tools.

Microsoft 365 Defender (A) covers only M365 workloads. Defender for Cloud (B) focuses on cloud workload protection. Defender for Cloud Apps (C) is a CASB solution.

Topics

#Microsoft Sentinel #Security Operations #SIEM #Threat Hunting
