SC-900 • Practice Test 40
Free SC-900 practice test — 15 questions with explanations. Set 40. No signup required.
Refer to the exhibit. You are a security analyst using Microsoft Sentinel. You run this KQL query. What does the query return?
Refer to the exhibit. ```kql let HighSeverityAlerts = Alert | where AlertSeverity == "High" | where TimeGenerated > ago(1h); let CorrelatedIncidents = HighSeverityAlerts | join kind=inner (Incident) on $left.AlertId == $right.AlertId | project IncidentId, AlertId, AlertSeverity, IncidentStatus; CorrelatedIncidents | where IncidentStatus != "Closed" ```