Microsoft Exam SC-100 Topic 1 Question 59 Discussion

Actual exam question for Microsoft's SC-100 exam

Question #: 59
Topic #: 1

[All SC-100 Questions]

A customer has a hybrid cloud infrastructure that contains a Microsoft 365 E5 subscription and an Azure subscription.

All the on-premises servers in the perimeter network are prevented from connecting directly to the internet.

The customer recently recovered from a ransomware attack.

The customer plans to deploy Microsoft Sentinel.

You need to recommend configurations to meet the following requirements:

* Ensure that the security operations team can access the security logs and the operation logs.

* Ensure that the IT operations team can access only the operations logs, including the event logs of the servers in the perimeter network.

Which two configurations can you include in the recommendation? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.

AAzure Active Directory (Azure AD) Conditional Access policies

Ba custom collector that uses the Log Analytics agent

Cresource-based role-based access control (RBAC)

Dthe Azure Monitor agent

Show Suggested Answer

Suggested Answer: D

by Vinnie at Jan 11, 2025, 07:42 AM

Limited Time Offer

25%

Off

Get Premium SC-100 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Pamella

1 months ago

The IT ops team is so excited about the operations logs, they're planning a special 'Log Appreciation Day' with cake and streamers. Just don't tell the security team - they might crash the party!

upvoted 0 times

...

Emilio

1 months ago

Hmm, this looks like a job for the log-wrangling, RBAC-juggling, Azure-hugging superhero! I'd go with B and C to get the job done.

upvoted 0 times

Gladis

6 days ago

The Azure Monitor agent might be a good addition to the recommendation to enhance monitoring capabilities.

upvoted 0 times

...

Selma

9 days ago

Azure Active Directory (Azure AD) Conditional Access policies could also be useful in controlling access to the logs.

upvoted 0 times

...

Cherri

13 days ago

Resource-based role-based access control (RBAC) is essential to ensure the IT operations team can access only the necessary logs.

upvoted 0 times

...

Maryanne

14 days ago

I agree, using a custom collector with the Log Analytics agent will definitely help with accessing the security and operation logs.

upvoted 0 times

...

Hubert

1 months ago

This is a tricky one, but I'm leaning towards B and D. The custom collector and Azure Monitor agent can handle the log collection, and RBAC can manage the access control.

upvoted 0 times

...

Detra

1 months ago

A and D seem like the way to go. Azure AD Conditional Access policies can secure access to the logs, and the Azure Monitor agent can collect the necessary data.

upvoted 0 times

Meaghan

4 days ago

A: It's important to have the right configurations in place, especially after recovering from a ransomware attack.

upvoted 0 times

...

Keneth

7 days ago

B: Yes, and deploying the Azure Monitor agent will ensure that the necessary data is collected for monitoring.

upvoted 0 times

...

Trinidad

10 days ago

A: I agree, using Azure AD Conditional Access policies can help control who has access to the logs.

upvoted 0 times

...

Robt

1 months ago

I think B and C would work well here. The custom collector using the Log Analytics agent can gather the security and operations logs, and resource-based RBAC can help control access to those logs.

upvoted 0 times

Arminda

19 days ago

Azure Active Directory Conditional Access policies could also be useful to further secure access to the logs.

upvoted 0 times

...

Theresia

1 months ago

Resource-based RBAC can definitely help control access to the logs based on team roles.

upvoted 0 times

...

Lashon

1 months ago

I agree, using a custom collector with Log Analytics agent can help gather the necessary logs.

upvoted 0 times

...

Francoise

2 months ago

I believe we should also include a custom collector that uses the Log Analytics agent to meet the requirements.

upvoted 0 times

...

Candra

3 months ago

I agree with you, Sherell. That will help ensure that the security operations team can access the security logs and the operation logs.

upvoted 0 times

...

Sherell

3 months ago

I think we should include Azure Active Directory Conditional Access policies in the recommendation.

upvoted 0 times

...