ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MD-101 All Questions

View all questions & answers for the MD-101 exam
Go to Exam

Exam MD-101 topic 1 question 33 discussion

Actual exam question from Microsoft's MD-101
Question #: 33
Topic #: 1
[All MD-101 Questions]

You are currently making use of the Antimalware Assessment solution in Microsoft Azure Log Analytics.
You have accessed the Protection Status dashboard and find that there is a device that is not reporting.
Which of the following could be a reason for this occurring?

  • A. Windows Defender System Guard is incorrectly configured.
  • B. You need to install the Azure Diagnostic extension.
  • C. Windows Defender Application Guard is incorrectly configured.
  • D. The Microsoft Malicious Software Removal tool is installed.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
Azure Diagnostics extension is an agent in Azure Monitor that collects monitoring data from the guest operating system of Azure compute resources including virtual machines.
Note: As the Azure Diagnostic extension can only be used for Virtual Machines a better answer would be that the Microsoft Monitoring Agent (MMA) is missing.
Incorrect:
Not A: Windows Defender System Guard reorganizes the existing Windows 10 system integrity features under one roof and sets up the next set of investments in
Windows security. It's designed to make these security guarantees:
Protect and maintain the integrity of the system as it starts up
Validate that system integrity has truly been maintained through local and remote attestation
Not C: For Microsoft Edge, Application Guard helps to isolate enterprise-defined untrusted sites, protecting your company while your employees browse the
Internet. As an enterprise administrator, you define what is among trusted web sites, cloud resources, and internal networks. Everything not on your list is considered untrusted. If an employee goes to an untrusted site through either Microsoft Edge or Internet Explorer, Microsoft Edge opens the site in an isolated
Hyper-V-enabled container.
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/agents/diagnostics-extension-overview https://docs.microsoft.com/en-us/azure/azure-monitor/visualize/tutorial-logs-dashboards
by angelize at July 1, 2021, 5:58 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Ka1Nn
Highly Voted 3 years, 11 months ago
The answer is not present : The Microsoft Monitoring Agent is uninstalled.
upvoted 22 times
mikl
3 years, 6 months ago
Agree. You may also see the Log Analytics agent referred to as the Microsoft Monitoring Agent (MMA). https://docs.microsoft.com/en-us/azure/azure-monitor/agents/log-analytics-agent
upvoted 3 times
...
RodrigoT
3 years, 3 months ago
The Microsoft Monitoring Agent (MMA) is not something that you install on every computer, but mainly on a data collection machine, or a server or on the gateway. https://docs.microsoft.com/en-us/services-hub/health/mma-setup The question says that there is one device that is not reporting, not all of them. So, if just one device is not reporting, it could be a misconfiguration, not that the Agent is not installed.
upvoted 4 times
RodrigoT
3 years, 1 month ago
Anyway, I found this: A yellow warning icon means the agent is having issues. One common reason is the Microsoft Monitoring Agent service has stopped. Use service control manager to restart the service. https://docs.microsoft.com/en-us/azure/azure-monitor/faq#how-can-i-confirm-that-the-log-analytics-agent-is-able-to-communicate-with-azure-monitor-
upvoted 2 times
...
...
...
angelize
Highly Voted 3 years, 12 months ago
I would say B. https://docs.microsoft.com/en-us/azure/azure-monitor/agents/diagnostics-extension-overview
upvoted 6 times
HellRaver80
3 years, 7 months ago
in my eyes that is active on the server not on clients
upvoted 1 times
...
RodrigoT
3 years, 3 months ago
Azure Diagnostics Extension can be used only with Azure virtual machines: https://docs.microsoft.com/en-us/azure/azure-monitor/agents/diagnostics-extension-overview
upvoted 1 times
...
...
Darkfire
Most Recent 1 year, 9 months ago
Selected Answer: B
B = correct Key words: not reporting + Windows Diagnotics Extension (needs to be installed to monitor + report)
upvoted 1 times
...
Meebler
2 years, 6 months ago
B, There are several potential reasons why a device may not be reporting when using the Antimalware Assessment solution in Microsoft Azure Log Analytics. One potential reason is that the Azure Diagnostic extension is not installed on the device. The Azure Diagnostic extension is a tool that is used to collect diagnostic data from Azure virtual machines and other resources. It is required for the Antimalware Assessment solution to work properly and report on the status of devices. If the extension is not installed on a device, it may not be able to report to Azure Log Analytics. Other potential reasons for a device not reporting could include incorrect configuration of Windows Defender System Guard, Windows Defender Application Guard, or the Microsoft Malicious Software Removal tool. However, these are less likely causes compared to the Azure Diagnostic extension not being installed.
upvoted 2 times
...
RodrigoT
3 years, 3 months ago
A.Windows Defender System Guard is for hardware. B.Azure Diagnostic extension is for Azure virtual machines. C.Windows Defender Application Guard is for browsing (Edge) and Office. D.Microsoft Malicious Software Removal tool is that update package that used to scan your computer every month. So, none of the above. Azure Log Analytics is on a deprecation path and you should migrate to the new Azure Monitor agent (AMA): https://docs.microsoft.com/en-us/azure/azure-monitor/agents/azure-monitor-agent-migration Meaning that this question is so outdated.
upvoted 6 times
RodrigoT
3 years, 3 months ago
Anyway, if we are talking about malware protection and a device that is not reporting the new tool is Microsoft Defender for Endpoint: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint?view=o365-worldwide One of the reasons that one device is not reporting could be found here: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/troubleshoot-onboarding?view=o365-worldwide#confirming-onboarding-of-newly-built-devices And one of the ways to solve this could be: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/run-detection-test?view=o365-worldwide
upvoted 2 times
...
...
Garito
3 years, 4 months ago
Assuming it is Microsoft Azure Log Analytics and from this article: https://docs.microsoft.com/en-us/azure/azure-monitor/visualize/tutorial-logs-dashboards Best answer available is B
upvoted 1 times
RodrigoT
3 years, 3 months ago
Azure Diagnostics Extension can be used only with Azure virtual machines. https://docs.microsoft.com/en-us/azure/azure-monitor/agents/diagnostics-extension-overview
upvoted 1 times
...
...
Juun
3 years, 4 months ago
Where do the questions come from exactly? None of the options make much sense
upvoted 2 times
...
Bettito
3 years, 5 months ago
ninguna ya que no esta presente MMA
upvoted 1 times
...
AK311
3 years, 7 months ago
I dont think any of the options present here are correct?
upvoted 4 times
...
amarro
3 years, 7 months ago
Is the answer correct because I have a doubt with the option B
upvoted 1 times
...
Ka1Nn
3 years, 11 months ago
Azure Diagnostics Extension can be used only with Azure virtual machines
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel