Exam DP-200 topic 4 question 6 discussion

Actual exam question from Microsoft's DP-200

Question #: 6
Topic #: 4

SIMULATION -
Use the following login credentials as needed:

Azure Username: xxxxx -

Azure Password: xxxxx -
The following information is for technical support purposes only:

Lab Instance: 10543936 -

Your company's security policy states that administrators must be able to review a list of the failed logins to an Azure SQL database named db1 during the previous 30 days.
You need to modify your Azure environment to meet the security policy requirements.
To complete this task, sign in to the Azure portal.

Show Suggested Answer

Suggested Answer: See the explanation below.
Set up auditing for your database
The following section describes the configuration of auditing using the Azure portal.
1. Go to the Azure portal.
2. Navigate to Auditing under the Security heading in your SQL database db1/server pane

3. If you prefer to enable auditing on the database level, switch Auditing to ON.

Reference:
https://docs.microsoft.com/en-us/azure/sql-database/sql-database-auditing

by morales4dev at May 17, 2021, 8 a.m.

Comments

Submit Cancel

morales4dev

4 years ago

I don't agree with the explanation. According to this https://docs.microsoft.com/en-us/azure/azure-sql/database/auditing-overview "...When using Azure AD Authentication, failed logins records will not appear in the SQL audit log. To view failed login audit records, you need to visit the Azure Active Directory portal, which logs details of these events..." You can log failed login events from AAD portal.

upvoted 1 times

Alekx42

4 years ago

Unfortunately it is not mentioned if Azure AD authentication is used to login. Maybe user are just using the standard username and password created in the SQL database. Moreover, the lab asks to do something, and if they were using Azure AD authentication there would be nothing to do. So I think that the provided answer (enable auditing) is correct.

upvoted 2 times

...