References httpsdocsmicrosoftcomen usazuresecurity

This preview shows page 66 - 68 out of 91 pages.

References:QUESTION 7You create a new Azure subscription.You need to ensure that you can create custom alert rules in Azure Security Center.Which two actions should you perform? Each correct answer presents part of the solution.NOTE:Each correct selection is worth one point.A.Onboard Azure Active Directory (Azure AD) Identity Protection.B.Create an Azure Storage account.C.Implement Azure Advisor recommendations.D.Create an Azure Log Analytics workspace.E.Upgrade the pricing tier of Security Center to Standard.Correct Answer:BDSection: [none]ExplanationExplanation/Reference:Explanation:D: You need write permission in the workspace that you select to store your custom alert.References:QUESTION 8You have an Azure subscription named Sub1 that contains an Azure Log Analytics workspace named LAW1.You have 100 on-premises servers that run Windows Server 2012 R2 and Windows Server 2016. The servers connect to LAW1. LAW1 is configured to collectsecurity-related performance counters from the connected servers.You need to configure alerts based on the data collected by LAW1. The solution must meet the following requirements:Alert rules must support dimensions.The time it takes to generate an alert must be minimized.Alert notifications must be generated only once when the alert is generated and once when the alert is resolved.Which signal type should you use when you create the alert rules?A. LogB.Log (Saved Query)C. MetricD.Activity LogCorrect Answer:CSection: [none]ExplanationExplanation/Reference:Explanation:Metric alerts in Azure Monitor provide a way to get notified when one of your metrics cross a threshold. Metric alerts work on a range of multi-dimensional platformmetrics, custom metrics, Application Insights standard and custom metrics.Note: Signals are emitted by the target resource and can be of several types. Metric, Activity log, Application Insights, and Log.References:QUESTION 9DRAG DROPYou have an Azure subscription that contains 100 virtual machines. Azure Diagnostics is enabled on all the virtual machines.You are planning the monitoring of Azure services in the subscription.You need to retrieve the following details:Identify the user who deleted a virtual machine three weeks ago.Query the security events of a virtual machine that runs Windows Server 2016.What should you use in Azure Monitor? To answer, drag the appropriate configuration settings to the correct details. Each configuration setting may be used once,more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE:Each correct selection is worth one point.

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 91 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Spring
Professor
LI
Tags
Azure

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture