SC-200 · Question #414
SC-200 Question #414: Real Exam Question with Answer & Explanation
The correct answer is A: Security operations efficiency. Microsoft Sentinel, Manage your SOC better with incident metrics Security operations efficiency workbook To complement the SecurityIncidents table, we’ve provided you with an out-of-the-box security operations efficiency workbook template that you can use to monitor your SOC oper
Question
You have an Azure subscription that uses Microsoft Sentinel. You need to create a custom workbook that will calculate the average time it takes to close security incidents. The solution must minimize administrative effort. Which built-in Microsoft Sentinel workbook template should you select?
Options
- ASecurity operations efficiency
- BIncident Overview
- CWorkspace Usage Report
- DInvestigation Insights
Explanation
Microsoft Sentinel, Manage your SOC better with incident metrics Security operations efficiency workbook To complement the SecurityIncidents table, we’ve provided you with an out-of-the-box security operations efficiency workbook template that you can use to monitor your SOC operations. The workbook contains the following metrics: https://learn.microsoft.com/en-us/azure/sentinel/manage-soc-with-incident-metrics
Community Discussion
No community discussion yet for this question.