🔥 3-day streak
Microsoft Cybersecurity Architect Expert81 / 158
Question 81 of 158

A financial services company is designing its security operations center (SOC) tooling strategy. They already use Microsoft Defender XDR for endpoint, identity, email, and cloud app signals, and they need a centralized platform to correlate these XDR alerts with logs from third-party network firewalls, on-premises Active Directory Federation Services, and custom line-of-business applications for organization-wide threat hunting and long-term retention. Based on the Microsoft Cybersecurity Reference Architecture (MCRA), which design approach best meets these requirements?

Reviewed for accuracy · Report an issueNext question