SC-200 • Practice Test 4
Free SC-200 practice test — 10 questions with explanations. Set 4. No signup required.
A SOC analyst is creating a new analytics rule in Microsoft Sentinel to detect when a user account is disabled. The analyst needs to select a rule template that uses Microsoft Entra ID audit logs. Which rule type should the analyst choose?