Microsoft Exam SC-200 Topic 2 Question 77 Discussion

Actual exam question for Microsoft's SC-200 exam
Question #: 77
Topic #: 2

You have a Microsoft Sentinel workspace named SW1.

In SW1, you investigate an incident that is associated with the following entities:

* Host

* IP address

* User account

* Malware name

Which entity can be labeled as an indicator of compromise (IoC) directly from the incident's page?

Suggested Answer: D

Contribute your Thoughts:

Raelene
4 months ago
Wait, are we sure the answer isn't just 'all of the above'? This incident sounds like a real party of indicators!
upvoted 0 times
...
Merilyn
4 months ago
I agree with Billy, the IP address could definitely be an indicator of compromise.
upvoted 0 times
...
Alex
4 months ago
I'm gonna go with IP address on this one. Tracking down that pesky IP could lead us straight to the culprit's hideout. Gotta love a good ol' digital manhunt!
upvoted 0 times
Ivette
3 months ago
I'm gonna go with IP address on this one. Tracking down that pesky IP could lead us straight to the culprit's hideout. Gotta love a good ol' digital manhunt!
upvoted 0 times
...
Truman
3 months ago
D) IP address
upvoted 0 times
...
Brynn
3 months ago
C) user account
upvoted 0 times
...
Graciela
3 months ago
B) host
upvoted 0 times
...
Tish
3 months ago
A) malware name
upvoted 0 times
...
...
Billy
4 months ago
But the IP address could also be a potential indicator, don't you think?
upvoted 0 times
...
Dorthy
4 months ago
I disagree, I believe the user account is the indicator of compromise.
upvoted 0 times
...
Billy
4 months ago
I think the indicator of compromise could be the malware name.
upvoted 0 times
...
Letha
4 months ago
I don't know, the user account could be a pretty juicy clue too. Maybe the hacker left their calling card in the login details?
upvoted 0 times
...
Margart
4 months ago
Hold up, the host seems like the most direct indicator to me. If the machine's been compromised, that's a pretty big red flag.
upvoted 0 times
Cheryl
3 months ago
D) IP address
upvoted 0 times
...
Lawanda
3 months ago
C) user account
upvoted 0 times
...
Heike
3 months ago
B) host
upvoted 0 times
...
Galen
3 months ago
A) malware name
upvoted 0 times
...
...
Cory
5 months ago
Hmm, I think the malware name is the most obvious indicator of compromise here. Gotta catch those sneaky bugs!
upvoted 0 times
Bobbye
4 months ago
B) host
upvoted 0 times
...
Catina
5 months ago
Definitely, the malware name is a clear indicator of compromise.
upvoted 0 times
...
Sue
5 months ago
A) malware name
upvoted 0 times
...
...
