DRAG DROP
-
You have a Microsoft 365 E5 subscription and use Microsoft Defender for Cloud Apps.
You need to configure Cloud Discovery to generate a report that identifies top potential risks and provides a workflow to mitigate and manage the risks.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Given answer is correct https://learn.microsoft.com/en-us/defender-cloud-apps/create-snapshot-cloud-discovery-reports#log-format
Cloud Discovery snapshot report: Provides a detailed snapshot of cloud app usage at a specific point in time. Cloud Discovery Executive Report: Provides a high-level overview of cloud app usage, potential risks, and recommended So... export logs-->Executive report-->process logs>autologs I think
BJS78 is right https://learn.microsoft.com/en-us/defender-cloud-apps/discovered-apps#generate-a-cloud-discovery-executive-report Generate a cloud discovery executive report The best way to get an overview of Shadow IT use across your organization is by generating a cloud discovery executive report. This report identifies the top potential risks and helps you plan a workflow to mitigate and manage risks until they're resolved. To generate a cloud discovery executive report: In the Microsoft Defender portal, under Cloud Apps, select Cloud discovery. From the Cloud discovery page, select Actions > Generate Cloud Discovery executive report. Optionally, change the report name, and then select Generate.
BJS78 is right https://learn.microsoft.com/en-us/defender-cloud-apps/discovered-apps#generate-a-cloud-discovery-executive-report Generate a cloud discovery executive report The best way to get an overview of Shadow IT use across your organization is by generating a cloud discovery executive report. This report identifies the top potential risks and helps you plan a workflow to mitigate and manage risks until they're resolved. To generate a cloud discovery executive report: In the Microsoft Defender portal, under Cloud Apps, select Cloud discovery. From the Cloud discovery page, select Actions > Generate Cloud Discovery executive report. Optionally, change the report name, and then select Generate.
Summary of Actions in Sequence: 1. Export network traffic logs from firewall and proxy devices. 2. Configure automatic log upload. 3. Generate a Cloud Discovery snapshot report.
It's important to upload a log manually and let Microsoft Defender for Cloud Apps parse it before trying to use the automatic log collector. So, configure automatic log upload is last.
I don't see the mitigation actions in the Snapshot report, but they are in the Executive Report. Export network Traffic logs Executive Report Automatic logs
its executive report look here: https://learn.microsoft.com/en-us/defender-cloud-apps/discovered-apps#generate-a-cloud-discovery-executive-report its the exact wording for the question for the report part
Export network traffic logs from firewall and proxy: Collect log files from your firewall and proxy, through which users in your organization access the Internet. Generate a Cloud Discovery snapshot report: Upload the collected traffic logs to Microsoft Defender for Cloud Apps and generate a snapshot report to analyze cloud app usage. Generate a Cloud Discovery executive report: Use the Cloud Discovery executive report to identify top potential risks and plan a workflow to mitigate and manage those risks3.
Generate a cloud discovery executive report This report identifies the top potential risks and helps you plan a workflow to mitigate and manage risks until they're resolved.