Free AZ-500 Exam Braindumps (page: 57)


You have an Azure subscription that contains the resources shown in the following table.
You plan to implement Microsoft Defender for Cloud.
Which resources can be protected by using Defender for Cloud?

  A. VM1 only
  B. VM1 and storage1 only
  C. Vault1 and storage1 only
  D. VM1, Vault1, and storage1 only
  E. VNet1, VM1, Vault1, and storage1

Answer(s): E



You create a new Azure subscription.
You need to ensure that you can create custom alert rules in Azure Security Center.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  A. Onboard Azure Active Directory (Azure AD) Identity Protection.
  B. Create an Azure Storage account.
  C. Implement Azure Advisor recommendations.
  D. Create an Azure Log Analytics workspace.
  E. Upgrade the pricing tier of Security Center to Standard.

Answer(s): D,E

Explanation:

D: You need write permission in the workspace that you select to store your custom alert.


Reference:

https://docs.microsoft.com/en-us/azure/security-center/security-center-custom-alert



You have an Azure subscription named Sub1 that contains an Azure Log Analytics workspace named LAW1.
You have 100 on-premises servers that run Windows Server 2012 R2 and Windows Server 2016. The servers connect to LAW1. LAW1 is configured to collect security-related performance counters from the connected servers.
You need to configure alerts based on the data collected by LAW1. The solution must meet the following requirements:
- Alert rules must support dimensions.
- The time it takes to generate an alert must be minimized.
- Alert notifications must be generated only once when the alert is generated and once when the alert is resolved.
Which signal type should you use when you create the alert rules?

  A. Log
  B. Log (Saved Query)
  C. Metric
  D. Activity Log

Answer(s): C

Explanation:

Metric alerts in Azure Monitor provide a way to get notified when one of your metrics crosses a threshold. Metric alerts work on a range of multi-dimensional platform metrics, custom metrics, and Application Insights standard and custom metrics.
Note: Signals are emitted by the target resource and can be of several types: Metric, Activity log, Application Insights, and Log.


Reference:

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-metric



HOTSPOT (Drag and Drop is not supported)
You have an Azure subscription that contains an Azure Sentinel workspace.
Azure Sentinel is configured to ingest logs from several Azure workloads. A third-party service management platform is used to manage incidents.
You need to identify which Azure Sentinel components to configure to meet the following requirements:
- When Azure Sentinel identifies a threat, an incident must be created.
- A ticket must be logged in the service management platform when an incident is created in Azure Sentinel.
Which component should you identify for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

  A. See Explanation section for answer.

Answer(s): A

Explanation:


Reference:

https://docs.microsoft.com/en-us/azure/sentinel/create-incidents-from-alerts
https://docs.microsoft.com/en-us/azure/sentinel/tutorial-respond-threats-playbook





