SC-200 Question #293: Real Exam Question with Answer & Explanation

Sign in or unlock SC-200 to reveal the answer and full explanation for question #293. The question stem and answer options stay visible for context.

Submitted by sofia.br· Apr 18, 2026

Question

You have a Microsoft 365 subscription that uses Microsoft Defender XDR. You are investigating an attacker that is known to use the Microsoft Graph API as an attack vector. The attacker performs the tactics shown the following table. You need to search for malicious activities in your organization. Which tactics can you analyze by using the MicrosoftGraphActivityLogs table?

Options

ATactic2 only
BTactic1 and Tactic2 only
CTactic2 and Tactic3 only
DTactic1, Tactic2, and Tactic3

Unlock SC-200 to see the answer

You've previewed enough free SC-200 questions. Unlock SC-200 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock SC-200 - $49.99 / 30 days Sign in

Full SC-200 Practice Browse All SC-200 Questions