SC-200 Respond to security incidents • Set 3
SC-200 Respond to security incidents Practice Test 3 — 15 questions with explanations. Free, no signup.
Your organization uses Microsoft Defender for Cloud Apps. A security analyst receives an alert for a suspicious sign-in from an IP address in a sanctioned app. The analyst needs to immediately block the user from accessing the app. Which action should the analyst take?