SC-200 Respond to security incidents • Set 18
SC-200 Respond to security incidents Practice Test 18 — 15 questions with explanations. Free, no signup.
Your organization uses Microsoft Defender for Endpoint. A user reports that their device is running slowly and exhibiting unusual network activity. You run a live response session and find a suspicious process running. Which action should you take first to contain the threat?