Microsoft Security Operations Analyst SC-200 Question # 34 Topic 4 Discussion

Microsoft Discussions Browse All Questions Go to Exam Detail Get Premium Access

Microsoft Security Operations Analyst SC-200 Question # 34 Topic 4 Discussion

SC-200 Exam Topic 4 Question 34 Discussion:

Question #: 34

Topic #: 4

You have a Microsoft 365 subscription that uses Microsoft Defender XDR.
You plan to investigate suspicious activity in the subscription by using Microsoft Graph activity logs.
You need to search for requests to delete resources from the subscription and identify the users that initiated the requests.
How should you complete the KQL query? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Get Premium SC-200 Questions

Actual exam question for Microsoft SC-200 exam by Rael3323 at May 9, 2026, 4:55:34 PM

Contribute your Thoughts:

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Summer Certification Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: force70

Microsoft Security Operations Analyst SC-200 Question # 34 Topic 4 Discussion

Microsoft Security Operations Analyst SC-200 Question # 34 Topic 4 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

Summer Certification Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: force70

Microsoft Security Operations Analyst SC-200 Question # 34 Topic 4 Discussion

Microsoft Security Operations Analyst SC-200 Question # 34 Topic 4 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

Awaiting moderator approval