ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-300 All Questions

View all questions & answers for the SC-300 exam
Go to Exam

Exam SC-300 topic 4 question 22 discussion

Actual exam question from Microsoft's SC-300
Question #: 22
Topic #: 4
[All SC-300 Questions]

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You use Azure Monitor to analyze Azure Active Directory (Azure AD) activity logs.
You receive more than 100 email alerts each day for failed Azure AD user sign-in attempts.
You need to ensure that a new security administrator receives the alerts instead of you.
Solution: From Azure AD, you modify the Diagnostics settings.
Does this meet the goal?

  • A. Yes
  • B. No
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by jasonga at June 9, 2022, 2:46 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Obi_Wan_Jacoby
1 week ago
Selected Answer: B
Answer: B (No)
upvoted 1 times
Obi_Wan_Jacoby
1 week ago
Go to Azure Monitor > Alerts > Action groups. Find the action group used by the alert rule. Edit the email action to replace your email with the new administrator’s.
upvoted 1 times
...
...
hml_2024
8 months ago
The correct answer is: B. No Explanation: Modifying the Diagnostics settings in Azure AD allows you to send logs to different destinations like Azure Monitor or a storage account, but it does not control who receives email alerts. To change the recipient of alerts, you would need to modify the alert rules within Azure Monitor or the Action Group associated with the alerts, specifying the new security administrator as the recipient.
upvoted 1 times
...
a6792d4
11 months, 3 weeks ago
No, modifying the Diagnostics settings in Azure AD will not directly achieve the goal of redirecting email alerts to the new security administrator. Diagnostics settings control the logging and routing of Azure AD logs to destinations like Azure Monitor, but they do not manage alert notifications.
upvoted 1 times
...
dule27
1 year, 10 months ago
Selected Answer: B
B. No is the correct answer
upvoted 1 times
...
Nazir97
2 years, 4 months ago
Modifying the Diagnostics settings in Azure AD is one way to ensure that a new security administrator receives the alerts instead of you for failed Azure AD user sign-in attempts. To do this, follow these steps: Sign in to the Azure portal as a global administrator or security reader. Navigate to Azure Active Directory > Diagnostic settings. Select the diagnostic setting that you want to modify. In the email notification section, add the email address of the new security administrator. Click Save to apply the changes. This will ensure that the new security administrator receives email alerts for failed Azure AD user sign-in attempts, instead of you.
upvoted 3 times
wsrudmen
2 years, 3 months ago
Where do you get that? This is wrong. There's no email notification for diagnostic setting. You can only send to: Send to Log Analytics workspace Archive to a storage account Stream to an event hub Send to partner solution Correct answer is B -> NO
upvoted 3 times
...
...
jack987
2 years, 4 months ago
Selected Answer: B
The correct answer is B -> NO
upvoted 1 times
...
estyj
2 years, 5 months ago
Ans B. No, Need to go to Azure monitor to modify action group not diagnostic settings.
upvoted 1 times
...
Jhill777
2 years, 5 months ago
Selected Answer: B
SigninLogs within "Diagnostic Setting" options are: Send to LAW Archive to a storage account Stream to an event hub Send to a partner solution.
upvoted 3 times
...
DeepMoon
2 years, 5 months ago
Answer is B. Diagnostic settings are in Azure Monitor. Not in AAD. Nothing here that say's about using Defender for Cloud. Defender for cloud is a separate service. And monitoring logs would be premium paid feature. Nothing here mentions Defender for Cloud.
upvoted 1 times
Jhill777
2 years, 5 months ago
I'm looking at them in AAD right now. Answer is still B though.
upvoted 2 times
...
...
Hot_156
2 years, 7 months ago
Selected Answer: B
Action group change is needed.
upvoted 2 times
...
Dragi
2 years, 8 months ago
Action group change is needed.
upvoted 4 times
...
CDR
2 years, 10 months ago
Customize the security alerts email notifications via the portal You can send email notifications to individuals or to all users with specific Azure roles. From Defender for Cloud's Environment settings area, select the relevant subscription, and open Email notifications. https://docs.microsoft.com/en-us/azure/defender-for-cloud/configure-email-notifications
upvoted 1 times
...
sapien45
2 years, 10 months ago
Settings is done in alert group in LAW https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/howto-install-use-log-analytics-views
upvoted 1 times
...
RandomNickname
2 years, 11 months ago
Selected Answer: B
B, nothing to see here....
upvoted 1 times
RandomNickname
2 years, 11 months ago
It's likely you'll actually need Defender for Cloud apps activity policy, see below for reference; https://docs.microsoft.com/en-gb/defender-cloud-apps/user-activity-policies.
upvoted 1 times
...
...
jasonga
2 years, 11 months ago
Selected Answer: B
Should be B nothing in diagnostic settings allows configuration of a recipient for alerts
upvoted 2 times
...
jasonga
2 years, 11 months ago
Should be B nothing in diagnostic settings allows configuration of a recipient for alerts
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago