ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-200 All Questions

View all questions & answers for the SC-200 exam
Go to Exam

Exam SC-200 topic 2 question 6 discussion

Actual exam question from Microsoft's SC-200
Question #: 6
Topic #: 2
[All SC-200 Questions]

You create an Azure subscription named sub1.
In sub1, you create a Log Analytics workspace named workspace1.
You enable Azure Security Center and configure Security Center to use workspace1.
You need to collect security event logs from the Azure virtual machines that report to workspace1.
What should you do?

  • A. From Security Center, enable data collection
  • B. In sub1, register a provider.
  • C. From Security Center, create a Workflow automation.
  • D. In workspace1, create a workbook.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by somsom at Aug. 31, 2021, 8:32 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
stromnessian
Highly Voted 3 years, 6 months ago
Selected Answer: A
Data collection Store additional raw data - Windows security events To help audit, investigate, and analyze threats, you can collect raw events, logs, and additional security data and save it to your Log Analytics workspace.
upvoted 13 times
Nickname01
2 years, 10 months ago
Answer A is correct: you go to your Log analytics workspace -> agent management -> Data collection rules, here you would create a new rule and add the Windows Event logs and select the security logs.
upvoted 6 times
Ramye
1 year, 5 months ago
Thx for sharing the steps. Just one quick note if anyone is trying out the steps… The agent management page is accessible by clicking Agents under the Settings on the Log-Analytics-workspace page.
upvoted 1 times
...
...
...
zole
Highly Voted 3 years, 8 months ago
uuuuuuuuuuuuuuuuuuuuu
upvoted 8 times
...
OneplusOne
Most Recent 3 months ago
Selected Answer: A
After deploying the Azure Monitor agent, the next step is to configure data collection: https://learn.microsoft.com/en-us/azure/azure-monitor/vm/monitor-virtual-machine#configuration-steps
upvoted 1 times
...
Nikki0222
9 months, 3 weeks ago
A answer
upvoted 1 times
...
Nikki0222
9 months, 3 weeks ago
A correct
upvoted 1 times
...
chepeerick
1 year, 9 months ago
Correct A
upvoted 1 times
...
Oryx360
1 year, 11 months ago
Selected Answer: B
B. In sub1, register a provider. To collect security event logs from the Azure virtual machines reporting to workspace1, you need to register a data collection provider. This action allows Azure Monitor to collect logs and data from the resources and send it to the specified Log Analytics workspace.
upvoted 1 times
...
AK4U_111
2 years, 2 months ago
The Log Analytics agents won’t be supported as of August 31, 2024. Plan to migrate to Azure Monitor Agent prior to this date. If you’ve already installed Azure Monitor Agent, make sure to create and associate data collection rules to the agents.
upvoted 4 times
...
feln
3 years, 4 months ago
Selected Answer: A
correct
upvoted 2 times
...
Tx4free
3 years, 5 months ago
Selected Answer: A
Best answer
upvoted 3 times
...
somsom
3 years, 11 months ago
correct
upvoted 5 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel