You need to assign a role-based access control (RBAC) role to admin1 to meet the Azure
Sentinel requirements and the business requirements.
Which role should you assign?

You are responsible for responding to Azure Defender for Key Vault alerts.
During an investigation of an alert, you discover unauthorized attempts to access a key
vault from a Tor exit node.
What should you configure to mitigate the threat?

You have an Azure subscription that uses Microsoft Defender for Endpoint.
You need to ensure that you can allow or block a user-specified range of IP addresses and
URLs.
What should you enable first in the advanced features from the Endpoints Settings in the
Microsoft 365 Defender portal?

You have a Microsoft Sentinel workspace that contains an Azure AD data connector.
You need to associate a bookmark with an Azure AD-related incident.
What should you do? To answer, drag the appropriate blades to the correct tasks. Each
blade may be used once, more than once, or not at all. You may need to drag the split bar
between panes or scroll to view content
NOTE: Each correct selection is worth one point.

You have the resources shown in the following table.

You need to visualize Azure Sentinel data and enrich the data by using third-party data
sources to identify indicators of compromise (IoC).
What should you use?

You receive a security bulletin about a potential attack that uses an image file.
You need to create an indicator of compromise (IoC) in Microsoft Defender for Endpoint to
prevent the attack.
Which indicator type should you use?

You have an Azure subscription that has Azure Defender enabled for all supported
resource types.
You create an Azure logic app named LA1.
You plan to use LA1 to automatically remediate security risks detected in Azure Security
Center.
You need to test LA1 in Security Center.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.