Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft SC-100 Exam - Topic 1 Question 59 Discussion

Actual exam question for Microsoft's SC-100 exam
Question #: 59
Topic #: 1
[All SC-100 Questions]

A customer has a hybrid cloud infrastructure that contains a Microsoft 365 E5 subscription and an Azure subscription.

All the on-premises servers in the perimeter network are prevented from connecting directly to the internet.

The customer recently recovered from a ransomware attack.

The customer plans to deploy Microsoft Sentinel.

You need to recommend configurations to meet the following requirements:

* Ensure that the security operations team can access the security logs and the operation logs.

* Ensure that the IT operations team can access only the operations logs, including the event logs of the servers in the perimeter network.

Which two configurations can you include in the recommendation? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer: D

by Vinnie at Jan 11, 2025, 07:42 AM

Limited Time Offer

25%

Off

Get Premium SC-100 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Dortha
5 months ago
I’m not sure about the Azure Monitor agent, though.
upvoted 0 times
...
Toshia
5 months ago
Custom collector with Log Analytics agent seems like a good fit!
upvoted 0 times
...
Hui
6 months ago
Wait, can the IT team really access only the operations logs? Sounds tricky.
upvoted 0 times
...
Helene
6 months ago
Definitely agree, Azure AD Conditional Access policies could work too.
upvoted 0 times
...
Sage
6 months ago
I think resource-based RBAC is a solid choice here.
upvoted 0 times
...
Brandon
6 months ago
I practiced a similar question where RBAC was the right choice for restricting access, so I feel confident about including that in my answer.
upvoted 0 times
...
Brice
6 months ago
Conditional Access policies seem more related to user authentication rather than log access, so I’m hesitant about that option.
upvoted 0 times
...
Alesia
7 months ago
I think using the Log Analytics agent could help with collecting logs, but I can't recall if it meets all the requirements for both teams.
upvoted 0 times
...
Emmanuel
7 months ago
I remember something about RBAC being crucial for managing access, but I'm not entirely sure if it's the best fit for this scenario.
upvoted 0 times
...
Tonja
7 months ago
Okay, I think I've got a handle on this. The Azure AD Conditional Access policies will allow me to control access to the security logs, while the resource-based RBAC can be used to grant the IT operations team access to the operations logs. This seems like the most straightforward way to meet the requirements. I'll make sure to explain my reasoning clearly in the exam.
upvoted 0 times
...
Adela
7 months ago
Hmm, this is a tricky one. I'm not too familiar with Microsoft Sentinel, so I'll need to do some research on how it integrates with Azure AD and RBAC to provide the necessary access controls. The custom collector and Azure Monitor agent options also seem worth considering, but I'm not sure how they fit into the overall solution.
upvoted 0 times
...
Latonia
7 months ago
I'm a bit confused by the different log types and access requirements. Do the security operations team and IT operations team need access to different logs? I'll need to carefully read through the requirements again to make sure I understand the distinction.
upvoted 0 times
...
Caitlin
7 months ago
This question seems straightforward. I think the key is to focus on the requirements around access to the security and operations logs. The Azure AD Conditional Access policies and resource-based RBAC seem like the most relevant configurations to meet those requirements.
upvoted 0 times
...
Pamella
12 months ago
The IT ops team is so excited about the operations logs, they're planning a special 'Log Appreciation Day' with cake and streamers. Just don't tell the security team - they might crash the party!
upvoted 0 times
...
Emilio
12 months ago
Hmm, this looks like a job for the log-wrangling, RBAC-juggling, Azure-hugging superhero! I'd go with B and C to get the job done.
upvoted 0 times
Gladis
11 months ago
The Azure Monitor agent might be a good addition to the recommendation to enhance monitoring capabilities.
upvoted 0 times
...
Selma
11 months ago
Azure Active Directory (Azure AD) Conditional Access policies could also be useful in controlling access to the logs.
upvoted 0 times
...
Cherri
11 months ago
Resource-based role-based access control (RBAC) is essential to ensure the IT operations team can access only the necessary logs.
upvoted 0 times
...
Maryanne
11 months ago
I agree, using a custom collector with the Log Analytics agent will definitely help with accessing the security and operation logs.
upvoted 0 times
...
...
Hubert
12 months ago
This is a tricky one, but I'm leaning towards B and D. The custom collector and Azure Monitor agent can handle the log collection, and RBAC can manage the access control.
upvoted 0 times
...
Detra
12 months ago
A and D seem like the way to go. Azure AD Conditional Access policies can secure access to the logs, and the Azure Monitor agent can collect the necessary data.
upvoted 0 times
Meaghan
11 months ago
A: It's important to have the right configurations in place, especially after recovering from a ransomware attack.
upvoted 0 times
...
Keneth
11 months ago
B: Yes, and deploying the Azure Monitor agent will ensure that the necessary data is collected for monitoring.
upvoted 0 times
...
Trinidad
11 months ago
A: I agree, using Azure AD Conditional Access policies can help control who has access to the logs.
upvoted 0 times
...
...
Robt
12 months ago
I think B and C would work well here. The custom collector using the Log Analytics agent can gather the security and operations logs, and resource-based RBAC can help control access to those logs.
upvoted 0 times
Arminda
11 months ago
Azure Active Directory Conditional Access policies could also be useful to further secure access to the logs.
upvoted 0 times
...
Theresia
12 months ago
Resource-based RBAC can definitely help control access to the logs based on team roles.
upvoted 0 times
...
Lashon
12 months ago
I agree, using a custom collector with Log Analytics agent can help gather the necessary logs.
upvoted 0 times
...
...
Francoise
1 year ago
I believe we should also include a custom collector that uses the Log Analytics agent to meet the requirements.
upvoted 0 times
...
Candra
1 year ago
I agree with you, Sherell. That will help ensure that the security operations team can access the security logs and the operation logs.
upvoted 0 times
...
Sherell
1 year ago
I think we should include Azure Active Directory Conditional Access policies in the recommendation.
upvoted 0 times
...

Save Cancel