Knowledge check

1.

A security analyst needs to review past sessions created in Microsoft Security Copilot. After accessing the standalone experience, which option should they select to manage and review these sessions?

Select the My sessions option from the home menu.

Select the Help icon.

Select settings.

2.

After enabling the Defender EASM plugin in Copilot, a security analyst wants to assess the organization's exposure to a specific vulnerability; which prompt should they use to obtain this information?

Get assets by CVSS score.

Get expired SSL certificates.

Is my external attack surface impacted by CVE-2023-21709?

3.

A security analyst needs to integrate ServiceNow incident management with Microsoft Security Copilot. Which authentication method should be configured to enable this integration?

Anonymous authentication

OAuth authorization

Copilot uses on-behalf-of authentication so no other authentication is required for ServiceNow integration.

4.

A security analyst is tasked with automating investigation flows to streamline repetitive steps in Copilot. After selecting relevant prompts from an existing session, the analyst wants to create a promptbook. What should the analyst do next to accomplish this task?

Select the 'Create promptbook' icon to open the page where they can name, tag, and further customize the promptbook.

Select the 'Export prompts' button to download the selected prompts for manual execution.

Choose the 'Save session' option to preserve the current state of the session for later use.

5.

After uploading a PDF file to Microsoft Security Copilot, an analyst wants to ensure the file is included as a source in their current session. What should the analyst do next?

Toggle the button on the right-hand side of the file until the toggle is lit up.

Delete the file and reupload it to automatically include it as a source.

Navigate to the Files section and select on the file name to open it.

Check your knowledge

Feedback