Microsoft Security, Compliance, and Identity Fundamentals SC-900 Practice Question
To detect pass-the-hash attacks within your organization, you plan to deploy Microsoft Defender for Identity. Which data does Defender for Identity primarily analyze so it can identify suspicious authentication and lateral-movement activities?
Change events in Azure Resource Manager deployments
Azure Active Directory sign-in and audit logs only
Email message headers and metadata in Exchange Online
Network traffic and security event logs from on-premises Active Directory domain controllers
Defender for Identity works by installing sensors on Active Directory domain controllers. These sensors capture and send authentication-related network traffic and security event logs from the on-premises domain controllers to the Defender for Identity cloud service. By focusing on this on-premises Active Directory data, the service can spot techniques such as pass-the-hash, pass-the-ticket, and other lateral-movement behaviors. It does not directly analyze Azure AD sign-ins, Azure Resource Manager changes, or Exchange Online message metadata; those data sources are monitored by other Microsoft security solutions.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is pass-the-hash and why is it a security concern?
Open an interactive chat with Bash
How does Microsoft Defender for Identity detect suspicious lateral movement activities?
Open an interactive chat with Bash
What are the differences between Microsoft Defender for Identity and Azure AD logs for threat detection?
Open an interactive chat with Bash
Microsoft Security, Compliance, and Identity Fundamentals SC-900
Describe the capabilities of Microsoft security solutions
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .