SC-200 - Manage a Security Operations Environment - Section 1.1
Configure Microsoft Defender XDR email and alert notifications, including tuning, suppression, and correlation.
Configure email notification rules in Microsoft Defender XDR for incidents, actions, and threat analytics, applying scope filters to control recipient lists. Distinguish between alert tuning rules that reduce noise at source, alert suppression that hides matched alerts, and alert correlation that groups related signals into a single incident.
email notifications for incidents, actions, and threat analyticsalert tuning rulesalert suppressionalert correlationMicrosoft Defender XDR notification rules
More in this domain
Back to all Manage a Security Operations Environment objectives, or the SC-200 cert hub.
Examworthy is not affiliated with or endorsed by Microsoft. Original, blueprint-aligned practice material only.