SC-300 · Question #82
SC-300 Question #82: Real Exam Question with Answer & Explanation
The correct answer is C: Create an Azure Sentinel playbook.. Creating a Sentinel instance and configuring the Azure AD Connector = configuring the Azure AD connector within Sentinel settings, as detailed here: https://learn.microsoft.com/en- us/azure/sentinel/create-incidents-from-alerts
Question
You have an Azure Active Directory (Azure AD) tenant named contoso.com that has Azure AD Identity Protection policies enforced. You create an Azure Sentinel instance and configure the Azure Active Directory connector. You need to ensure that Azure Sentinel can generate incidents based on the risk alerts raised by Azure AD Identity Protection. What should you do first?
Options
- AAdd an Azure Sentinel data connector.
- BConfigure the Notify settings in Azure AD Identity Protection.
- CCreate an Azure Sentinel playbook.
- DModify the Diagnostics settings in Azure AD.
Explanation
Creating a Sentinel instance and configuring the Azure AD Connector = configuring the Azure AD connector within Sentinel settings, as detailed here: https://learn.microsoft.com/en- us/azure/sentinel/create-incidents-from-alerts
Community Discussion
No community discussion yet for this question.