Which indicator type should you use?

SC-200

Last Post by Philip 1 year ago

1 Posts

1 Users

0 Likes

144 Views

RSS

Philip

(@siwekphilip)

Posts: 730

Noble Member

Topic starter

You receive a security bulletin about a potential attack that uses an image file.

You need to create an indicator of compromise (IoC) in Microsoft Defender for Endpoint to prevent the attack.

Which indicator type should you use?

A . a URL/domain indicator that has Action set to Alert only
B. a URL/domain indicator that has Action set to Alert and block
C. a file hash indicator that has Action set to Alert and block
D. a certificate indicator that has Action set to Alert and block

Show Answer Hide Answer

Suggested Answer: C

Explanation:

Reference: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/indicator-file?view=o365-worldwide

Posted : 29/01/2023 8:33 am

Topic Tags

Microsoft Certified: Secu

Latest Microsoft SC-200 Dumps Valid Version

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download PDF

Forum Jump:

Previous Topic

Next Topic