Exam AZ-500 topic 4 question 104 discussion

Given answer is correct. To avoid alert fatigue, Defender for Cloud limits the volume of outgoing mails. For each subscription, Defender for Cloud sends: approximately four emails per day for high-severity alerts approximately two emails per day for medium-severity alerts approximately one email per day for low-severity alerts https://learn.microsoft.com/en-us/azure/defender-for-cloud/configure-email-notifications

High-severity alerts: 01:01 - Successful RDP brute force attack 06:10 - Suspicious process executed 09:00 - Malicious SQL activity 13:30 - Suspicious process executed 16:01 - Successful RDP brute force attack 23:25 - Modified system binary discovered in dump file 23:30 - Malicious SQL activity RDP related: 2 Overall: 4 (due to the limit) Medium-severity alerts: 01:00 - Failed RDP brute force attack 14:00 - Failed RDP brute force attack RDP related: 2 Overall: 2 Low-severity alerts: 11:15 - Network communication with a malicious machine detected 23:20 - Possible outgoing spam activity detected RDP related: 0 Overall: 1 (due to the limit) So the answer is: RDP = 2 + 2 + 0 = 4 Overall = 4 + 2 +1 = 7

Exam question 6th April 2025

Box1: 4 Box2: 7

Refer to screenshot of Configure email notifications (URL below): You will receive a maximum of one email per 6 hours for high-severity alerts, one email per 12 hours for medium- severity alerts, and one email per 24 hours for low-severity alerts. https://learn.microsoft.com/en-us/azure/defender-for-cloud/media/configure-email-notifications/email-notification-settings.png Answer: Box 1: 4 Box 2: 7

Based on this- https://learn.microsoft.com/en-us/azure/defender-for-cloud/configure-email-notifications, the answer should be 3 and 7

In exam aug,2023

Shouldn't the answer be 3 and 7? High alert email has already been used up (4) times on 13:30, making 16:01 not being sent out.

3 and 7

I think 11 in box 2. Because it's all alerts including bruteforce alerts?

Repeat. Box1: 4 Box2: 7 Is correct.