Mitigate threats using Microsoft 365 Defender Flashcards

1
Q

is an integrated threat protection suite with solutions that detect malicious activity across email, endpoints, applications, and identity.

A

Microsoft 365 Defender

2
Q

Extended Detection and Response (XDR) combines signals from:

A

endpoints
identity
email
applications

3
Q

Near real-time resolution of known incident types with automation. These are well-defined attacks that the organization has seen many times.

A

Automation

4
Q

Triage analysts focus on rapid remediation of a high volume of well-known incident types that still require (quick) human judgment. They are often tasked with approving automated remediation workflows and identifying anything anomalous or interesting that warrants escalation or consultation with investigation (Tier 2) teams.

A

Triage (aka Tier 1)

5
Q

We recommend setting a quality standard of 90% true positive for any alert feeds that will require an analyst to respond so analysts aren’t required to respond to a high volume of false alarms.

A

90% true positive
