BlogFirst lesson
Sign Up

Question 1

Your organization has an on-premises Active Directory domain that runs Windows Server 2022 servers and has advanced auditing enabled. Your organization is already collecting the servers' security logs using a third-party SIEM solution.

Your organization has purchased a Microsoft 365 tenant and your manager has asked you to deploy Microsoft Defender for identity by using standalone sensors.

You need to configure the Defender for Identity standalone sensor to detect when certain sensitive groups are updated and any time malicious services are created.

How can you fulfill your manager's request?