Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft SC-200 Exam - Topic 4 Question 102 Discussion

Actual exam question for Microsoft's SC-200 exam
Question #: 102
Topic #: 4
[All SC-200 Questions]

You have an Azure subscription that has Azure Defender enabled for all supported resource types.

You need to configure the continuous export of high-severity alerts to enable their retrieval from a third-party security information and event management (SIEM) solution.

To which service should you export the alerts?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Ariel at Nov 21, 2025, 07:19 PM

Limited Time Offer

25%

Off

Get Premium SC-200 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Roosevelt
1 month ago
I agree with Event Hubs. It’s perfect for integrating with SIEM solutions.
upvoted 0 times
...
Wade
1 month ago
Azure Data Lake seems more for storage, not real-time alerts.
upvoted 0 times
...
Jerlene
2 months ago
Azure Event Hubs makes sense for continuous export. High-severity alerts need scalability.
upvoted 0 times
...
Maile
2 months ago
I feel like Azure Cosmos DB is not the right fit for alerts.
upvoted 0 times
...
Lettie
2 months ago
I’m leaning towards Azure Event Grid. It’s event-driven.
upvoted 0 times
...
Elin
2 months ago
I think it’s Azure Event Hubs. It’s designed for big data scenarios.
upvoted 0 times
...
Coletta
2 months ago
Surprised this isn't more straightforward! Why not just use Cosmos DB?
upvoted 0 times
...
Alishia
3 months ago
I thought Data Lake could work, but Event Hubs makes more sense.
upvoted 0 times
...
Annice
3 months ago
Wait, are we sure it's not Event Grid? Seems like a good option too.
upvoted 0 times
...
Maryann
3 months ago
Definitely agree with that! Event Hubs is the way to go.
upvoted 0 times
...
Dana
3 months ago
C) Azure Event Hubs, no doubt about it. Anything else would be like trying to use a spoon to dig a hole. Just doesn't make sense.
upvoted 0 times
...
Jacqueline
4 months ago
Hmm, I'm going with C) Azure Event Hubs. It's the most logical option for this use case. Anything else would just be a waste of time and resources.
upvoted 0 times
...
Bev
4 months ago
C) Azure Event Hubs is the obvious choice here. Anything else would be like trying to fit a square peg in a round hole.
upvoted 0 times
...
Rodolfo
4 months ago
I agree, Azure Event Hubs is the way to go. It's designed for high-throughput, real-time data ingestion, which is exactly what you need for alert exports.
upvoted 0 times
...
Sommer
4 months ago
I’m leaning towards Azure Event Hubs too, but I wonder if there’s a specific reason we wouldn’t use Azure Cosmos DB for this?
upvoted 0 times
...
Stephaine
4 months ago
I practiced a similar question, and I feel like Azure Data Lake is more for storage rather than real-time alerts.
upvoted 0 times
...
Oneida
5 months ago
I’m not entirely sure, but I remember something about Azure Event Grid being used for event routing. Could that be it?
upvoted 0 times
...
Diane
5 months ago
I think we might need to export to Azure Event Hubs since it’s designed for high-throughput data streaming.
upvoted 0 times
...
Melvin
5 months ago
I'm a bit confused on this one. Is Azure Event Grid also an option for exporting alerts? I'll have to think through the differences between the services to decide.
upvoted 0 times
...
Annice
5 months ago
I think it's Azure Event Hubs for exporting alerts.
upvoted 0 times
...
Nguyet
5 months ago
Okay, I've got this. Azure Event Hubs is designed for high-volume data ingestion, which is perfect for sending alerts to a SIEM. I'm confident that's the right answer.
upvoted 0 times
...
Vannessa
6 months ago
The key here is that we need to export the alerts to enable retrieval by a third-party SIEM solution. Based on that, I'm leaning towards C) Azure Event Hubs as the best choice.
upvoted 0 times
...
Annelle
6 months ago
C) Azure Event Hubs is the correct answer. It's the perfect service to export high-severity alerts for integration with a SIEM solution.
upvoted 0 times
...
Ryan
6 months ago
Hmm, I'm not sure about this one. I'll need to review the Azure Defender documentation again to make sure I understand the options for exporting alerts.
upvoted 0 times
...
Cecilia
6 months ago
I think the answer is C) Azure Event Hubs. That seems like the most logical choice for exporting alerts to a SIEM solution.
upvoted 0 times
Susana
18 days ago
C is the way to go for integration with SIEMs!
upvoted 0 times
...
Dick
24 days ago
I was leaning towards that too, good choice!
upvoted 0 times
...
Carlee
29 days ago
Definitely, Event Hubs can handle high volumes of alerts.
upvoted 0 times
...
Dottie
1 month ago
Yeah, it’s designed for real-time data streaming.
upvoted 0 times
...
Arlene
5 months ago
I agree, C) Azure Event Hubs makes sense for that.
upvoted 0 times
...
...

Save Cancel