HOTSPOT
-
You have a Microsoft 365 E5 subscription that contains Windows 11 and Linux CentOS devices.
In Microsoft Defender XDR, Deception is set to On.
You plan to create a deception rule that will use a custom lure.
You need to specify the type of file, and the planting path for the custom lure.
What should you specify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
correct. https://learn.microsoft.com/en-us/defender-xdr/configure-deception
Well ChatGPT goes with LNK and {HOME}, while EXE and BIN are not supported file types for custom lures at this time. About EXE we could see it in the link below, also that the custom lures should be documents, config files and link files
1. BIN 2. {HOME} For the file type in option 1, BIN would be the most suitable choice for CentOS devices. BIN files are compatible with Linux and Windows systems and can act as executable binaries, making them effective as lures in a deception rule. LNK and EXE are primarily Windows-specific formats and would not work well in a Linux environment like CentOS. Correct answer for option 2, correct answer: {HOME}.