BlackFriday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Microsoft Exam MS-500 Topic 9 Question 10 Discussion

Actual exam question for Microsoft's MS-500 exam
Question #: 10
Topic #: 9
[All MS-500 Questions]

You have an Azure Sentinel workspace that has an Azure Active Directory (Azure AD) connector and an Office 365 connector.

From the workspace, you plan to create a scheduled query rule that will use a custom query. The rule will be used to generate alerts when inbound access to Office 365 from specific user accounts is detected.

You need to ensure that when multiple alerts are generated by the rule, the alerts are consolidated as a single incident per user account.

What should you do?

Show Suggested Answer Hide Answer

Contribute your Thoughts:

Currently there are no comments in this discussion, be the first to comment!


Save Cancel