ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-801 All Questions

View all questions & answers for the AZ-801 exam
Go to Exam

Exam AZ-801 topic 1 question 31 discussion

Actual exam question from Microsoft's AZ-801
Question #: 31
Topic #: 1
[All AZ-801 Questions]

You have an on-premises server named Server1 that runs Windows Server 2022 Standard.

You have an Azure subscription that contains the virtual machines shown in the following table.



The subscription contains a Microsoft Sentinel instance named Sentinel1 in the Central US Azure region.

You need to implement the Windows Firewall connector.

Which servers can send Windows Firewall logs to Sentinel1?

  • A. VM1 only
  • B. VM2 only
  • C. VM1 and Server1 only
  • D. VM1, VM2, and VM3 only
  • E. VM1, VM2, and Server1 only
  • F. VM1, VM2, VM3, and Server1
Show Suggested Answer Hide Answer
Suggested Answer: E 🗳️
by NicolaF at Nov. 14, 2024, 6:22 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
kenda1535
1 day, 13 hours ago
Selected Answer: E
Azure Virtual Machines: VM1 (Windows Server 2022 Datacenter: Azure Edition) is fully compatible with the Windows Firewall connector due to its Azure-specific capabilities and integration with Azure services. VM2 (Windows Server 2019 Datacenter) is also compatible with the Windows Firewall connector, as it's a recent Windows Server version. On-premises Server: Server1 (Windows Server 2022 Standard) can also send Windows Firewall logs to Sentinel1 using the Windows Firewall Connector. This requires an agent to be installed on the on-premises server. VM3 Incompatibility: VM3 (Windows Server 2016 Datacenter) is not directly compatible with the Windows Firewall connector. While it's possible to use third-party solutions or custom scripts to extract and send firewall logs to Sentinel1, it's not a straightforward and officially supported method. Therefore, the correct answer is E. VM1, VM2, and Server1 only.
upvoted 1 times
...
NicolaF
4 weeks ago
based on https://learn.microsoft.com/en-us/azure/sentinel/connect-services-windows-based#log-analytics-agent-legacy and https://learn.microsoft.com/en-us/azure/azure-monitor/agents/azure-monitor-agent-supported-operating-systems the connector is supported even on 2012R2
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago