New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft SC-200 Exam - Topic 4 Question 102 Discussion

Actual exam question for Microsoft's SC-200 exam
Question #: 102
Topic #: 4
[All SC-200 Questions]

You have an Azure subscription that has Azure Defender enabled for all supported resource types.

You need to configure the continuous export of high-severity alerts to enable their retrieval from a third-party security information and event management (SIEM) solution.

To which service should you export the alerts?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Ariel at Nov 21, 2025, 07:19 PM

Limited Time Offer

25%

Off

Get Premium SC-200 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Alishia
14 days ago
I thought Data Lake could work, but Event Hubs makes more sense.
upvoted 0 times
...
Annice
19 days ago
Wait, are we sure it's not Event Grid? Seems like a good option too.
upvoted 0 times
...
Maryann
24 days ago
Definitely agree with that! Event Hubs is the way to go.
upvoted 0 times
...
Dana
29 days ago
C) Azure Event Hubs, no doubt about it. Anything else would be like trying to use a spoon to dig a hole. Just doesn't make sense.
upvoted 0 times
...
Jacqueline
1 month ago
Hmm, I'm going with C) Azure Event Hubs. It's the most logical option for this use case. Anything else would just be a waste of time and resources.
upvoted 0 times
...
Bev
1 month ago
C) Azure Event Hubs is the obvious choice here. Anything else would be like trying to fit a square peg in a round hole.
upvoted 0 times
...
Rodolfo
1 month ago
I agree, Azure Event Hubs is the way to go. It's designed for high-throughput, real-time data ingestion, which is exactly what you need for alert exports.
upvoted 0 times
...
Sommer
2 months ago
I’m leaning towards Azure Event Hubs too, but I wonder if there’s a specific reason we wouldn’t use Azure Cosmos DB for this?
upvoted 0 times
...
Stephaine
2 months ago
I practiced a similar question, and I feel like Azure Data Lake is more for storage rather than real-time alerts.
upvoted 0 times
...
Oneida
2 months ago
I’m not entirely sure, but I remember something about Azure Event Grid being used for event routing. Could that be it?
upvoted 0 times
...
Diane
2 months ago
I think we might need to export to Azure Event Hubs since it’s designed for high-throughput data streaming.
upvoted 0 times
...
Melvin
2 months ago
I'm a bit confused on this one. Is Azure Event Grid also an option for exporting alerts? I'll have to think through the differences between the services to decide.
upvoted 0 times
...
Annice
3 months ago
I think it's Azure Event Hubs for exporting alerts.
upvoted 0 times
...
Nguyet
3 months ago
Okay, I've got this. Azure Event Hubs is designed for high-volume data ingestion, which is perfect for sending alerts to a SIEM. I'm confident that's the right answer.
upvoted 0 times
...
Vannessa
3 months ago
The key here is that we need to export the alerts to enable retrieval by a third-party SIEM solution. Based on that, I'm leaning towards C) Azure Event Hubs as the best choice.
upvoted 0 times
...
Annelle
3 months ago
C) Azure Event Hubs is the correct answer. It's the perfect service to export high-severity alerts for integration with a SIEM solution.
upvoted 0 times
...
Ryan
4 months ago
Hmm, I'm not sure about this one. I'll need to review the Azure Defender documentation again to make sure I understand the options for exporting alerts.
upvoted 0 times
...
Cecilia
4 months ago
I think the answer is C) Azure Event Hubs. That seems like the most logical choice for exporting alerts to a SIEM solution.
upvoted 0 times
Arlene
3 months ago
I agree, C) Azure Event Hubs makes sense for that.
upvoted 0 times
...
...

Save Cancel