SC-200 · Question #317
SC-200 Question #317: Real Exam Question with Answer & Explanation
The correct answer is C: Analytics. In Microsoft Sentinel, the 'Analytics' blade is the central location to view and manage all types of detection rules, including anomaly rules, allowing users to identify which ones are enabled.
Question
You have a Microsoft Sentinel workspace named SW1. You need to identify which anomaly rules are enabled in SW1. What should you review in Microsoft Sentinel?
Options
- AContent hub
- BEntity behavior
- CAnalytics
- DSettings
Explanation
In Microsoft Sentinel, the 'Analytics' blade is the central location to view and manage all types of detection rules, including anomaly rules, allowing users to identify which ones are enabled.
Common mistakes.
- D. The 'Settings' blade in Microsoft Sentinel is for workspace-level configurations and general preferences, not for the direct management or listing of enabled anomaly rules.
Concept tested. Microsoft Sentinel anomaly rule management
Reference. https://learn.microsoft.com/en-us/azure/sentinel/get-started-anomaly-rules
Community Discussion
No community discussion yet for this question.