ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-500 All Questions

View all questions & answers for the MS-500 exam
Go to Exam

Exam MS-500 topic 4 question 85 discussion

Actual exam question from Microsoft's MS-500
Question #: 85
Topic #: 4
[All MS-500 Questions]

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your on-premises network contains a server that runs Windows Server 2019, computers that run Windows 10, macOS, or Linux, and a firewall that utilizes syslog.
You have a Microsoft 365 E5 subscription that uses Microsoft Defender for Endpoint. All the computers are onboarded to Microsoft Defender for Endpoint.
You are implementing Microsoft Defender for Cloud Apps.
You need to discover which cloud apps are accessed from the computers.
Solution: You install a Microsoft Defender for Identity sensor on the server.
Does this meet the goal?

  • A. Yes
  • B. No
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by dakasa at Sept. 7, 2022, 9:45 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
abrub
2 years, 1 month ago
Selected Answer: B
No, installing a Microsoft Defender for Identity sensor on the server will not meet the goal of discovering which cloud apps are accessed from the computers. Microsoft Defender for Identity is a cloud-based solution that helps you protect your organization from advanced threats by detecting suspicious activities and attacks. It works by monitoring user activities and authentication events in your organization's Active Directory environment. It does not provide information on the cloud apps accessed from the computers. To discover which cloud apps are accessed from the computers, you should use Microsoft Cloud App Security (MCAS) which is part of Microsoft Defender for Cloud Apps. MCAS provides visibility into the cloud apps accessed from your network and allows you to control access to those apps. You can use MCAS to discover cloud apps that are used in your organization and identify potential risks associated with those apps. To do this, you need to configure MCAS to collect logs from the firewall that utilizes syslog and analyze those logs to identify the cloud apps accessed from the computers.
upvoted 2 times
...
skycrap
2 years, 4 months ago
Selected Answer: B
I don't think A. Defender for Identity enables SecOp analysts and security professionals struggling to detect advanced attacks in hybrid environments to: Monitor users, entity behavior, and activities with learning-based analytics Protect user identities and credentials stored in Active Directory Identify and investigate suspicious user activities and advanced attacks throughout the kill chain Provide clear incident information on a simple timeline for fast triage No mention about "discover which cloud apps are accessed from the computers" https://learn.microsoft.com/en-us/defender-for-identity/what-is
upvoted 1 times
...
goape
2 years, 6 months ago
Selected Answer: B
Definitely not A. You'd either be getting a snapshot log from the FW or setting up continuous logging from it. Regardless, users have the M365 E5 which contains Defender for Endpoint Plan 2, allowing client devices to continuously log to the portal
upvoted 2 times
...
Wedge34
2 years, 6 months ago
Selected Answer: B
answer B
upvoted 2 times
...
dakasa
2 years, 8 months ago
Selected Answer: A
https://docs.microsoft.com/en-us/defender-cloud-apps/mdi-integration
upvoted 4 times
EzeQ
2 years, 5 months ago
that does not reply to the question
upvoted 1 times
[Removed]
2 years, 3 months ago
https://learn.microsoft.com/zh-tw/defender-cloud-apps/media/unsanctioned-app.png
upvoted 1 times
...
yoton
2 years, 2 months ago
From the image posted below you; it 100% does. You can review which apps are discovered in that portal.
upvoted 1 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago