New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft SC-200 Exam - Topic 3 Question 28 Discussion

Actual exam question for Microsoft's SC-200 exam
Question #: 28
Topic #: 3
[All SC-200 Questions]

You have a third-party security information and event management (SIEM) solution.

You need to ensure that the SIEM solution can generate alerts for Azure Active Directory (Azure AD) sign-events in near real time.

What should you do to route events to the SIEM solution?

Show Suggested Answer Hide Answer
Suggested Answer: B

https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/overview-monitoring

by Lashaunda at May 09, 2022, 08:36 PM

Limited Time Offer

25%

Off

Get Premium SC-200 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Wilbert
4 months ago
I’m not so sure about C, isn’t it just for monitoring?
upvoted 0 times
...
Cheryl
4 months ago
Totally agree with B, it’s the most efficient method!
upvoted 0 times
...
Owen
4 months ago
Wait, can you really get near real-time with option D? Seems off.
upvoted 0 times
...
Marshall
4 months ago
I think A is better for security events specifically.
upvoted 0 times
...
Pearlene
5 months ago
Option B is the way to go for real-time alerts!
upvoted 0 times
...
Emilio
5 months ago
I remember that archiving to a storage account wouldn't help with real-time alerts, so I think that option can be ruled out right away.
upvoted 0 times
...
Elenora
5 months ago
I’m a bit confused between the Azure Sentinel workspace options. I thought both connectors could work, but I can't recall which one is specifically for Azure AD sign-in events.
upvoted 0 times
...
Temeka
5 months ago
I practiced a similar question where we had to set up alerts for Azure AD, and I feel like the event hub option was the right choice for real-time alerts.
upvoted 0 times
...
Lottie
5 months ago
I think I remember something about using Azure AD diagnostics settings to stream events, but I'm not sure if it's to an event hub or something else.
upvoted 0 times
...
Youlanda
5 months ago
I'm pretty confident about this one. I think the key is understanding the core principles of SDN, like the separation of control and data planes. Option B looks like the correct answer to me.
upvoted 0 times
...
Alpha
5 months ago
Hmm, this seems like a tricky one. I'll need to carefully consider the different leadership styles and how they relate to the description provided.
upvoted 0 times
...
Vanda
5 months ago
I think it's similar to the practice question we did on hedging with swaptions. You want to limit losses while taking advantage of potential gains, right?
upvoted 0 times
...
Audry
5 months ago
I'm not entirely sure, but I feel like poor password management was also mentioned a lot in our studies.
upvoted 0 times
...
Floyd
5 months ago
I'm a little confused by this question. There seem to be a lot of options, and I'm not sure which two are the correct steps. I'll have to read through it again carefully and try to eliminate the wrong answers.
upvoted 0 times
...

Save Cancel