Microsoft Cybersecurity Architect Expert SC-100
You are currently managing a Microsoft 365 E5 subscription along with an Azure subscription and are tasked with designing a Microsoft deployment. The goal is to provide a comprehensive solution for the security operations team, enabling them to effectively monitor and analyze security events. The solution should incorporate custom views and a dashboard tailored specifically for security event analysis. What would you recommend using in Microsoft Sentinel to achieve this?
Exam-Like
A
notebooks
B
playbooks
C
workbooks
D
threat intelligence
Explanation:
After you have connected your data sources to Microsoft Sentinel, you get instant visualization and analysis of data so that you can understand what's happening across all your connected data sources. Microsoft Sentinel provides workbooks that give you the full power of Azure tools as well as built-in tables and charts for analytics on your logs and queries. Workbooks offer the capability to create custom views and dashboards, making them the optimal choice for the security operations team. Reference: https://learn.microsoft.com/en-us/azure/sentinel/monitor-your-data