SC-900 Describe the capabilities of Microsoft security solutions • Set 13
SC-900 Describe the capabilities of Microsoft security solutions Practice Test 13 — 15 questions with explanations. Free, no signup.
A security operations center (SOC) team uses Microsoft Sentinel with User and Entity Behavior Analytics (UEBA) enabled. They notice an alert about a user accessing a sensitive HR application from an unusual IP address at 3 AM. What does UEBA primarily use to detect this anomaly?