Exam AZ-500 topic 4 question 59 discussion

Actual exam question from Microsoft's AZ-500
Question #: 59
Topic #: 4

DRAG DROP -
You have an Azure subscription that contains the following resources:
✑ A network virtual appliance (NVA) that runs non-Microsoft firewall software and routes all outbound traffic from the virtual machines to the internet
✑ An Azure function that contains a script to manage the firewall rules of the NVA
✑ Azure Security Center standard tier enabled for all virtual machines
✑ An Azure Sentinel workspace
✑ 30 virtual machines
You need to ensure that when a high-priority alert is generated in Security Center for a virtual machine, an incident is created in Azure Sentinel and then a script is initiated to configure a firewall rule for the NVA.
How should you configure Azure Sentinel to meet the requirements? To answer, drag the appropriate components to the correct requirements. Each component may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:

Suggested Answer:
Reference:
https://docs.microsoft.com/en-us/azure/sentinel/create-incidents-from-alerts
https://docs.microsoft.com/en-us/azure/sentinel/connect-azure-security-center

Comments

markozoide
Highly Voted 2 years, 4 months ago
This solution is correct!
upvoted 8 times
zellck
Highly Voted 7 months, 1 week ago
1. Data connector for Security Center
2. Rule
3. Playbook
https://learn.microsoft.com/en-us/azure/sentinel/detect-threats-built-in
Rule templates were designed by Microsoft's team of security experts and analysts based on known threats, common attack vectors, and suspicious activity escalation chains. Rules created from these templates will automatically search across your environment for any activity that looks suspicious. Many of the templates can be customized to search for activities, or filter them out, according to your needs. The alerts generated by these rules will create incidents that you can assign and investigate in your environment.
https://learn.microsoft.com/en-us/azure/sentinel/overview#automate-and-orchestrate-common-tasks-by-using-playbooks
Automate your common tasks and simplify security orchestration with playbooks that integrate with Azure services and your existing tools.
upvoted 6 times
sgomezsan
Most Recent 3 months ago
1. Data connector for Security Center
2. Rule
3. Playbook
NOTE: Data Connector content has been removed. All the removed content and more is available in Azure Sentinel->Content management->Content hub.
upvoted 2 times
majstor86
9 months, 1 week ago
Enable Alert notifications from Security Center: A data connector for Security Center
Create an incident: A rule
Initiate a script to configure the firewall rule: A playbook
upvoted 3 times
ligu
9 months, 2 weeks ago
The answers are correct
upvoted 1 times
kam117
2 years, 2 months ago
## Exam Question - 24 Sept 2021 ##
upvoted 2 times
[Removed]
2 years, 4 months ago
https://docs.microsoft.com/en-us/azure/sentinel/connect-azure-security-center
upvoted 4 times