Exam SC-200 topic 2 question 12 discussion

Actual exam question from Microsoft's SC-200
Question #: 12
Topic #: 2

You have an Azure subscription that has Azure Defender enabled for all supported resource types.
You need to configure the continuous export of high-severity alerts to enable their retrieval from a third-party security information and event management (SIEM) solution.
To which service should you export the alerts?

  • A. Azure Cosmos DB
  • B. Azure Event Grid
  • C. Azure Event Hubs
  • D. Azure Data Lake
Suggested Answer: C

Comments

HSBNZ
Highly Voted 3 years, 9 months ago
Correct answer, from the provided link in the answer it is explained: Continuous export lets you fully customize what will be exported, and where it will go. For example, you can configure it so that:
  • All high severity alerts are sent to an Azure Event Hub
  • All medium or higher severity findings from vulnerability assessment scans of your SQL servers are sent to a specific Log Analytics workspace
  • Specific recommendations are delivered to an Event Hub or Log Analytics workspace whenever they're generated
  • The secure score for a subscription is sent to a Log Analytics workspace whenever the score for a control changes by 0.01 or more
upvoted 21 times
Nikki0222
Most Recent 7 months, 2 weeks ago
C answer
upvoted 1 times
chepeerick
1 year, 7 months ago
Correct C
upvoted 1 times
trashbox
1 year, 8 months ago
The answer is correct. Azure Event Hubs. "Third-party SIEMs - Send data to Azure Event Hubs." https://learn.microsoft.com/en-us/azure/defender-for-cloud/alerts-schemas?tabs=schema-sentinel
upvoted 1 times
Tx4free
3 years, 3 months ago
Selected Answer: C
Best answer
upvoted 3 times
dangerdizzy
3 years, 4 months ago
Yes, the answer is correct. Event Hubs.
upvoted 2 times
Eltooth
3 years, 9 months ago
Correct answer - Event Hubs.
upvoted 4 times