SC-200 Manage a security operations environment • Set 35
SC-200 Manage a security operations environment Practice Test 35 — 15 questions with explanations. Free, no signup.
Your organization uses Microsoft Sentinel and Microsoft Defender XDR. You are configuring a new automation rule in Sentinel to automatically assign incidents to the appropriate SOC tier based on severity: Low and Medium to Tier 1, High to Tier 2, and Critical to Tier 3. You have created three separate automation rules, one for each tier. However, only the rule for Critical incidents is working. The other rules do not assign incidents. You verify that the other rules are enabled and have the correct conditions. What is the most likely cause?