New Year Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

  1. Home
  2. Discussions
  3. Microsoft
  4. Microsoft Certified: Security Operations Analyst Associate
  5. SC-200 Discussions
  6. SC-200 Exam Topic 2 Question 15 Discussion

Microsoft Security Operations Analyst SC-200 Question # 15 Topic 2 Discussion

 Microsoft Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

Microsoft Security Operations Analyst SC-200 Question # 15 Topic 2 Discussion

SC-200 Exam Topic 2 Question 15 Discussion:
Question #: 15
Topic #: 2

You have an Azure subscription that contains an Microsoft Sentinel workspace.

You need to create a hunting query using Kusto Query Language (KQL) that meets the following requirements:

• Identifies an anomalous number of changes to the rules of a network security group (NSG) made by the same security principal

• Automatically associates the security principal with an Microsoft Sentinel entity

How should you complete the query? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

SC-200 Question 15
Get Premium SC-200 Questions
Actual exam question for Microsoft SC-200 exam by Zyra9688 at Oct 19, 2025, 6:07:52 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next