SC-200 Incident Response & Remediation

Question 1

What is the first step in an incident response process?

Accepted Answer

Identify the incident

Answer

Eradicate the threat

Answer

Contain the incident

Answer

Recover affected systems

Question 2

Which tool is commonly used in Microsoft security operations for investigating security incidents?

Accepted Answer

Microsoft Sentinel

Answer

Azure DevOps

Answer

Microsoft Teams

Answer

OneDrive

Question 3

What is the primary goal of incident containment?

Accepted Answer

Prevent further damage and isolate systems

Answer

Immediately delete all compromised files

Answer

Inform all employees about the incident

Answer

Shut down the entire network

Question 4

What is the purpose of a post-incident review?

Accepted Answer

Analyze and improve security measures

Answer

Punish the responsible team members

Answer

Erase all incident logs

Answer

Ignore the incident and move on

Question 5

Which of the following is a key strategy in incident remediation?

Accepted Answer

Applying security patches and updates

Answer

Deleting all logs permanently

Answer

Ignoring the affected systems

Answer

Reinstalling all company software

Question 6

What is a major benefit of automated incident response?

Accepted Answer

Reduces response time and increases efficiency

Answer

Eliminates the need for cybersecurity professionals

Answer

Allows incidents to resolve themselves

Answer

Disables all security alerts