ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-301 All Questions

View all questions & answers for the AZ-301 exam
Go to Exam

Exam AZ-301 topic 2 question 17 discussion

Actual exam question from Microsoft's AZ-301
Question #: 17
Topic #: 2
[All AZ-301 Questions]

You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains two administrative user accounts named Admin1 and Admin2.
You create two Azure virtual machines named VM1 and VM2.
You need to ensure that Admin1 and Admin2 are notified when more than five events are added to the security log of VM1 or VM2 during a period of 120 seconds.
The solution must minimize administrative tasks.
What should you create?

  • A. two action groups and one alert rule
  • B. one action group and one alert rule
  • C. five action groups and one alert rule
  • D. two action groups and two alert rules
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by mykolaantoniv at Feb. 16, 2020, 3:58 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
mykolaantoniv
Highly Voted 5 years, 4 months ago
Answer is B
upvoted 12 times
tartar
4 years, 9 months ago
B is ok
upvoted 2 times
...
...
Gianlucag77
Highly Voted 4 years, 10 months ago
several VMs can be selected as the scope for an alert rule: https://www.youtube.com/watch?v=ps4iasnS7Qs so the answer is correct: one & one
upvoted 7 times
chakanirban
4 years, 9 months ago
Nice video , Correct ! B right answer
upvoted 1 times
...
...
glam
Most Recent 4 years, 5 months ago
B. one action group and one alert rule
upvoted 1 times
...
sanketshah
4 years, 6 months ago
B is correct answer
upvoted 1 times
...
duytran216
4 years, 10 months ago
Use Azure Monitor. Create a action group with Admin 1 & 2. Setup rule for alert.
upvoted 6 times
...
ct84
4 years, 11 months ago
seems legit.. you can put the admins in the same action group, there is only one answer with a single action group so that makes any trip ups about do i need to set an alert on VM1 and VM2 moot. Guess they're in the same RG or something? Heh.
upvoted 2 times
...
[Removed]
4 years, 11 months ago
After spending hours on trying to replicate this scenario I am still puzzled. One could store security event logs via Diagnostic settings to a storage account. And than later ingest the data from the storage account to a Log Analytics workspace. Though I wasn't able to retrieve any data from from the "Events" table. It stayed empty, althought the storage account table clearly showd event log entries coming from the security log. I guess the go-to-solution for such a requirement would be the Security Center.
upvoted 1 times
...
[Removed]
4 years, 11 months ago
I just don't see how this is even possible. Collecting Security Event logs is currently not supported, even when using an agent. So how can this be achieved?
upvoted 1 times
...
AmineHZ
5 years, 1 month ago
B is the right answer
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel