SC-200 • Practice Exam 54
Free SC-200 practice exam — 20 questions with explanations. Set 54. No signup required.
Refer to the exhibit. A security analyst runs this PowerShell script to query a Log Analytics workspace. What is the purpose of this query?
Refer to the exhibit. ``` $huntQuery = @" DeviceProcessEvents | where Timestamp > ago(7d) | where FileName == "powershell.exe" | where ProcessCommandLine contains "-EncodedCommand" | project Timestamp, DeviceName, AccountName, ProcessCommandLine | take 1000 "@ $result = Invoke-AzOperationalInsightsQuery -WorkspaceId "..." -Query $huntQuery ```