Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-200 All Questions

View all questions & answers for the SC-200 exam
Go to Exam

Exam SC-200 topic 4 question 1 discussion

Actual exam question from Microsoft's SC-200
Question #: 1
Topic #: 4
[All SC-200 Questions]

You have an Azure subscription that contains a Microsoft Sentinel workspace named WS1 and 100 virtual machines that run Windows Server.

You need to configure the collection of Windows Security event logs for ingestion to WS1. The solution must meet the following requirements:

• Capture a full user audit trail including user sign-in and user sign-out events.
• Minimize the volume of events.
• Minimize administrative effort.

Which event set should you select?

  • A. Minimal
  • B. Common
  • C. All events
  • D. Custom
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by mayu01 at March 31, 2024, 7:06 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
sapphire
2 weeks, 1 day ago
Selected Answer: B
Common - A standard set of events for auditing purposes. A full user audit trail is included in this set. For example, it contains both user sign-in and user sign-out events (event IDs 4624, 4634).
upvoted 2 times
...
rsanx42
6 months ago
Selected Answer: B
B is correct. https://learn.microsoft.com/en-us/azure/sentinel/windows-security-event-id-reference
upvoted 2 times
...
ostralo
7 months, 4 weeks ago
Selected Answer: B
https://learn.microsoft.com/en-us/azure/sentinel/windows-security-event-id-reference
upvoted 3 times
...
mayu01
8 months ago
A by chat gpt
upvoted 1 times
Tuitor01
4 days, 14 hours ago
There is a big disclaimer when you use chatGPT.
upvoted 1 times
...
rsanx42
6 months ago
Minimal does not cover a full audit trail as the question ask for so answer is B. https://learn.microsoft.com/en-us/azure/sentinel/windows-security-event-id-reference
upvoted 1 times
...
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel