
Microsoft Exam SC-200 Topic 3 Question 67 Discussion

Actual exam question for Microsoft's SC-200 exam
Question #: 67
Topic #: 3

You have an Azure subscription that has Azure Defender enabled for all supported resource types.

You need to configure the continuous export of high-severity alerts to enable their retrieval from a third-party security information and event management (SIEM) solution.

To which service should you export the alerts?

Suggested Answer: B

Contribute your Thoughts:

Pura
1 day ago
I think I'll go with Option C. Azure Event Hubs seems like the logical choice for exporting high-severity alerts to a SIEM solution. It's designed for real-time data ingestion, which is perfect for this use case.
upvoted 0 times
Ilda
5 days ago
I'm not sure about that. I think D) Azure Data Lake could also be a valid option for exporting high-severity alerts.
upvoted 0 times
Shonda
14 days ago
I agree with Paulina. Azure Event Hubs can handle large amounts of data and is a good choice for exporting alerts.
upvoted 0 times
Paulina
17 days ago
I think the answer is C) Azure Event Hubs because it is designed for big data streaming.
upvoted 0 times
