Exam MS-500 topic 2 question 62 discussion

o use Jupyter notebooks in Microsoft Sentinel, you must first have the right permissions, depending on your user role. While you can run Microsoft Sentinel notebooks in JupyterLab or Jupyter classic, in Microsoft Sentinel, notebooks are run on an Azure Machine Learning (Azure ML) platform. To run notebooks in Microsoft Sentinel, you must have appropriate access to both Microsoft Sentinel workspace and an Azure ML workspace.

The answer is C. an Azure Machine Learning workspace. Microsoft Sentinel notebooks are run on an Azure Machine Learning (Azure ML) platform. To run notebooks in Microsoft Sentinel, you must have appropriate access to both Microsoft Sentinel workspace and an Azure ML workspace. So, the first thing you need to do is create an Azure ML workspace. Once you have created an Azure ML workspace, you can then launch the Guided Investigation – Process Alerts notebook in Sentinel1. The other options are incorrect. Option A, an Azure logic app, is incorrect because Azure logic apps are used to automate workflows, not to run notebooks. Option B, a Log Analytics workspace, is incorrect because Log Analytics workspaces are used to store and analyze data, not to run notebooks. Option D, a Kusto query, is incorrect because Kusto queries are used to query data in Log Analytics workspaces, not to run notebooks. Therefore, the correct answer is C. https://learn.microsoft.com/en-us/azure/sentinel/notebooks

C is correct. "Microsoft Sentinel, notebooks are run on an Azure Machine Learning (Azure ML) platform. To run notebooks in Microsoft Sentinel, you must have appropriate access to both Microsoft Sentinel workspace and an Azure ML workspace." https://learn.microsoft.com/en-us/azure/sentinel/notebooks#manage-access-to-microsoft-sentinel-notebooks

Answer seems to be correct according to this link https://learn.microsoft.com/en-us/azure/sentinel/notebooks While you can run Microsoft Sentinel notebooks in JupyterLab or Jupyter classic, in Microsoft Sentinel, notebooks are run on an Azure Machine Learning (Azure ML) platform. To run notebooks in Microsoft Sentinel, you must have appropriate access to both Microsoft Sentinel workspace and an Azure ML workspace.

Seems like C is correct - https://www.youtube.com/watch?v=OWjXee8o04M, please ignore other comments.

Seems like A is correct - https://www.youtube.com/watch?v=OWjXee8o04M

Seems like A is correct - https://www.youtube.com/watch?v=OWjXee8o04M

No real idea here.Other Dumps mention Kusto Query as correct. Could not find any real proof from Microsoft Sources that relate to this question.