🔥 3-day streak
Microsoft Security Operations Analyst165 / 190
Question 165 of 190

Your SOC team wants Microsoft Sentinel to automatically detect multistage attacks by correlating low-fidelity signals from multiple data sources (such as anomalous sign-ins followed by suspicious PowerShell execution) into a single high-confidence incident, without manually authoring correlation logic. Which analytics rule type should you enable to achieve this?

Reviewed for accuracy · Report an issueNext question