SC-200 · Question #314
SC-200 Question #314: Real Exam Question with Answer & Explanation
The correct answer is D: Manage security settings. To allow User1 to configure email notifications for alerts in Microsoft Defender XDR with least privilege, they must be assigned the 'Manage security settings' permission.
Question
You have a Microsoft 365 subscription that uses Microsoft Defender for Endpoint and contains a user named User1 and a Microsoft 365 group named Group1. All users are assigned a Defender for Endpoint Plan 1 license. You enable Microsoft Defender XDR Unified role-based access control (RBAC) for Endpoints & Vulnerability Management. You need to ensure that User1 can configure alerts that will send email notifications to Group1. The solution must follow the principle of least privilege. Which permissions should you assign to User1?
Options
- ADefender Vulnerability Management - Remediation handling
- BAlerts investigation
- CLive response capabilities: Basic
- DManage security settings
Explanation
To allow User1 to configure email notifications for alerts in Microsoft Defender XDR with least privilege, they must be assigned the 'Manage security settings' permission.
Common mistakes.
- C. 'Live response capabilities: Basic' allows users to perform basic live response actions on devices, which is unrelated to configuring email notifications for security alerts.
Concept tested. Microsoft Defender XDR RBAC for alert configuration
Community Discussion
No community discussion yet for this question.