ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-200 All Questions

View all questions & answers for the SC-200 exam
Go to Exam

Exam SC-200 topic 2 question 59 discussion

Actual exam question from Microsoft's SC-200
Question #: 59
Topic #: 2
[All SC-200 Questions]

You create an Azure subscription named sub1.

In sub1, you create a Log Analytics workspace named workspace1.

You enable Microsoft Defender for Cloud and configure Defender for Cloud to use workspace1.

You need to collect security event logs from the Azure virtual machines that report to workspace1.

What should you do?

  • A. From Defender for Cloud, modify Microsoft Defender for Servers plan settings.
  • B. In sub1, register a provider.
  • C. From Defender for Cloud, create a workflow automation.
  • D. In workspace1, create a workbook.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Yaya at Oct. 15, 2023, 2:37 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
uehqloeu8126
5 months, 1 week ago
Selected Answer: A
no longer valid since, September 2024 this is all legacy and cannot be done. The New way of management will be the MDE: https://techcommunity.microsoft.com/blog/microsoftdefendercloudblog/microsoft-defender-for-cloud---strategy-and-plan-towards-log-analytics-agent-mma/3883341
upvoted 3 times
...
user636
9 months, 3 weeks ago
Selected Answer: A
Answer is A
upvoted 2 times
...
Murtuza
1 year, 5 months ago
Answer is A https://learn.microsoft.com/en-us/azure/defender-for-cloud/tutorial-enable-servers-plan
upvoted 1 times
...
im20batman
1 year, 6 months ago
Selected Answer: D
Answer is D https://learn.microsoft.com/en-us/azure/azure-monitor/vm/tutorial-monitor-vm-guest
upvoted 1 times
...
Fez786
1 year, 7 months ago
Selected Answer: A
THIS QUESTION IS SAME AS QUESTION 6 TOPIC 2. CORRECT ANSWER IS A. thats a guarantee!!!
upvoted 3 times
...
danb67
1 year, 7 months ago
Selected Answer: A
I am not too sure about this one https://learn.microsoft.com/en-us/azure/defender-for-cloud/working-with-log-analytics-agent#configure-the-log-analytics-agent-and-workspaces I go with A - the below is from the above url When the Log Analytics agent is on, Defender for Cloud deploys the agent on all supported Azure VMs and any new ones created. For the list of supported platforms, see Supported platforms in Microsoft Defender for Cloud. To configure integration with the Log Analytics agent: From Defender for Cloud's menu, open Environment settings. Select the relevant subscription. In the Monitoring Coverage column of the Defender plans, select Settings. From the configuration options pane, define the workspace to use.
upvoted 2 times
jinxie
1 year, 3 months ago
looking at the question though, it already specifies that you have configured Defender for Cloud to use the workspace so in my mind that means step A has already been performed so why would you do that again? D would seem the obvious next step after
upvoted 1 times
...
...
Yaya
1 year, 8 months ago
The correct answer I think should be D (In workspace1, create a workbook). To collect security event logs from the Azure virtual machines that report to workspace1, you can create a workbook in workspace1. A workbook is a collection of visualizations that allow you to analyse your data. You can create a workbook that visualizes the security event logs from your virtual machines.
upvoted 3 times
kabooze
1 year, 7 months ago
workbooks visualize, they don't collect logs
upvoted 5 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel