Microsoft Security Operations Analyst Associate SC-200 Practice Question
Your company uses Microsoft Defender for Endpoint. You must identify unmanaged network devices (for example, printers, routers) that are connected to your on-premises network but are not yet onboarded to Defender for Endpoint. The security team wants to minimize network traffic and ensure no active probes are sent to those devices. Which Defender for Endpoint device discovery configuration should you choose?
Enable Device discovery in Basic (passive) mode on onboarded Windows devices.
Deploy a standalone Microsoft Defender for Endpoint network sensor and configure it for active network interrogation.
Enable Microsoft Defender for Cloud auto-provisioning to discover resources in the subscription.
Enable Device discovery in Standard mode on onboarded Windows devices.
In Microsoft Defender for Endpoint, Device discovery offers two main modes. Basic discovery relies only on passive monitoring of network traffic captured by already-onboarded Windows devices. It does not send any active probes, so it uncovers unmanaged devices without adding network load or potentially disruptive scans. In contrast, Standard discovery and a standalone network sensor in active mode both perform active interrogation (for example, via ARP, SNMP, or port scanning), which the security team wants to avoid. Enabling Microsoft Defender for Cloud's auto-provisioning targets cloud resources, not on-premises network devices, so it will not meet the requirement. Therefore, enabling Device discovery in Basic (passive) mode is the correct choice.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Microsoft Defender for Endpoint Device discovery?
Open an interactive chat with Bash
How does Basic (passive) mode differ from Standard mode in Defender for Endpoint?
Open an interactive chat with Bash
What types of unmanaged devices can Basic Device discovery detect?
Open an interactive chat with Bash
Microsoft Security Operations Analyst Associate SC-200
Manage a security operations environment
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .