SC-200 Question #190: Real Exam Question with Answer & Explanation

Sign in or unlock SC-200 to reveal the answer and full explanation for question #190. The question stem and answer options stay visible for context.

Submitted by alyssa_d· Apr 18, 2026Manage threat mitigation using Microsoft Defender for Cloud

Question

You have an Azure subscription that contains a virtual machine named VM1 and uses Microsoft Defender for Cloud. Microsoft Defender for Cloud has automatic provisioning configured to use Azure Monitor Agent. You need to create a custom alert suppression rule that will suppress false positive alerts for suspicious use of PowerShell on VM1. What should you do first?

Options

AFrom Microsoft Defender for Cloud, export the alerts to a Log Analytics workspace.
BFrom Microsoft Defender for Cloud, add a workflow automation.
COn VM1, trigger a PowerShell alert.
DOn VM1, run the Get-MPThreatCatalog cmdlet.

Unlock SC-200 to see the answer

You've previewed enough free SC-200 questions. Unlock SC-200 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock SC-200 - $49.99 / 30 days Sign in

Topics

#Microsoft Defender for Cloud#Alert suppression#False positives#Security operations

Full SC-200 Practice Browse All SC-200 Questions