Threat Protection — Microsoft Azure Security Engineer (AZ-500) Practice Questions
Threat protection on AZ-500 encompasses the detection, investigation, and response capabilities that identify active attacks or suspicious behavior across Azure resources, identities, and data. Candidates must understand how Microsoft Defender for Cloud generates security alerts, how Microsoft Sentinel ingests and correlates those alerts with analytics rules, and how to configure automated playbooks that contain or remediate incidents. The exam also covers identity-based threat signals such as risky sign-ins and leaked credentials surfaced through Azure Active Directory Identity Protection.
Free questions on threat protection
What does Azure Defender provide for workload protection?
Free question · medium · full answer + explanation
More threat protection questions in the full bank
- What is Microsoft Defender for Cloud? Unlock answer & explanation →
- Which Defender SKU provides the most comprehensive cloud security? Unlock answer & explanation →
- What is Microsoft Defender for Cloud used for? Unlock answer & explanation →