SC-200 • Practice Test 4 — 10 Questions
Free SC-200 practice test 4 — 10 questions with explanations. No signup required.
A SOC analyst is creating a new analytics rule in Microsoft Sentinel to detect when a user account is disabled. The analyst needs to select a rule template that uses Microsoft Entra ID audit logs. Which rule type should the analyst choose?