Which feature provides the extended detection and response (XDR) capability of Azure Sentinel?

Study for the Microsoft SC-900 Exam. Master key concepts with targeted flashcards and multiple-choice questions, featuring hints and explanations. Get prepared and confident for success!

Azure Sentinel's extended detection and response (XDR) capability is provided through its integration with Microsoft 365 Defender. This integration enhances Azure Sentinel by allowing it to correlate signals from across various Microsoft security products, including Microsoft Defender for Endpoint, Microsoft Defender for Identity, and Microsoft Defender for Office 365. By unifying these signals into a single platform, Azure Sentinel can provide a more comprehensive view of threats and enable more effective response actions.

This synergy allows security teams to leverage automated responses and enhanced analytics across the Microsoft ecosystem, significantly improving the detection and mitigation of advanced threats that might span multiple environments, whether on-premises or in the cloud. The result is a streamlined security operation that can act quickly on indicators of compromise identified in different components of the Microsoft security stack.

The other choices contribute to various aspects of security and incident response, but they do not specifically enable the XDR capabilities that are a hallmark of the integration with Microsoft 365 Defender.