Exam AZ-500 topic 4 question 50 discussion

Actual exam question from Microsoft's AZ-500
Question #: 50
Topic #: 4

DRAG DROP -
You have an Azure subscription that contains 100 virtual machines. Azure Diagnostics is enabled on all the virtual machines.
You are planning the monitoring of Azure services in the subscription.
You need to retrieve the following details:
✑ Identify the user who deleted a virtual machine three weeks ago.
✑ Query the security events of a virtual machine that runs Windows Server 2016.
What should you use in Azure Monitor? To answer, drag the appropriate configuration settings to the correct details. Each configuration setting may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
Select and Place:

Suggested Answer:
Box 1: Activity log -
Azure activity logs provide insight into the operations that were performed on resources in your subscription. Activity logs were previously known as "audit logs" or "operational logs," because they report control-plane events for your subscriptions.
Activity logs help you determine the "what, who, and when" for write operations (that is, PUT, POST, or DELETE).

Box 2: Logs -
Log Integration collects Azure diagnostics from your Windows virtual machines, Azure activity logs, Azure Security Center alerts, and Azure resource provider logs. This integration provides a unified dashboard for all your assets, whether they're on-premises or in the cloud, so that you can aggregate, correlate, analyze, and alert for security events.
Reference:
https://docs.microsoft.com/en-us/azure/security/azure-log-audit
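
To make the Box 1 reasoning concrete, the sketch below (an added example, not part of the original question or answer) filters Activity log records for completed virtual machine delete operations and reads the caller from each. The records are constructed samples using Activity log event field names; `who_deleted_vms`, `parse_ts`, the account names and the `<sub-id>` placeholder are assumptions of this example.

```python
import re
from datetime import datetime, timedelta, timezone

VM_DELETE = "microsoft.compute/virtualmachines/delete"
RG = "/subscriptions/<sub-id>/resourceGroups/rg-app/providers/Microsoft.Compute/virtualMachines/"

def _ev(caller, op, status, ts, vm):
    # Build one constructed record holding only the fields this example reads.
    return {"caller": caller, "operationName": {"value": op},
            "status": {"value": status}, "eventTimestamp": ts, "resourceId": RG + vm}

# Constructed sample data, not real log output.
SAMPLE_EVENTS = [
    _ev("alice@contoso.example", "Microsoft.Compute/virtualMachines/delete", "Started",
        "2024-03-01T09:14:58Z", "vm-042"),
    _ev("alice@contoso.example", "Microsoft.Compute/virtualMachines/delete", "Succeeded",
        "2024-03-01T09:15:41.1234567Z", "vm-042"),
    _ev("bob@contoso.example", "Microsoft.Compute/virtualMachines/write", "Succeeded",
        "2024-03-02T11:00:00Z", "vm-007"),
    _ev("carol@contoso.example", "Microsoft.Compute/virtualMachines/delete", "Succeeded",
        "2023-11-20T08:30:00Z", "vm-099"),
]

def parse_ts(value):
    # Keep whole seconds only and treat the value as UTC (assumption of this example).
    m = re.match(r"\d{4}-\d\d-\d\dT\d\d:\d\d:\d\d", value)
    if not m:
        raise ValueError(f"unrecognised timestamp: {value!r}")
    return datetime.strptime(m.group(0), "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)

def who_deleted_vms(events, now, lookback_days=30):
    """Return sorted (timestamp, caller, vm_name) for completed VM deletes in the window."""
    cutoff = now - timedelta(days=lookback_days)
    hits = []
    for ev in events:
        op = (ev.get("operationName") or {}).get("value", "")
        if op.lower() != VM_DELETE:
            continue  # not a control-plane DELETE on a virtual machine
        # One operation emits several events (Started, Succeeded, ...); keep the final one.
        if (ev.get("status") or {}).get("value") != "Succeeded":
            continue
        ts = parse_ts(ev["eventTimestamp"])
        if cutoff <= ts <= now:
            vm_name = ev["resourceId"].rsplit("/", 1)[-1]
            hits.append((ts, ev.get("caller", "<unknown>"), vm_name))
    return sorted(hits)

if __name__ == "__main__":
    for ts, caller, vm in who_deleted_vms(SAMPLE_EVENTS, datetime(2024, 3, 22, tzinfo=timezone.utc)):
        print(ts.isoformat(), caller, vm)
```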

Comments

kristiann21
Highly Voted 3 years, 11 months ago
correct answer. undeniably.
upvoted 38 times
...
gfhbox0083
Highly Voted 3 years, 10 months ago
Answer is Correct
upvoted 13 times
...
wardy1983
Most Recent 5 months, 1 week ago
Explanation: Box1: Activity log - Azure activity logs provide insight into the operations that were performed on resources in your subscription. Activity logs were previously known as audit logs or operational logs, because they report control-plane events for your subscriptions. Activity logs help you determine the what, who, and when for write operations (that is, PUT, POST, or DELETE). Box 2: Logs - Log Integration collects Azure diagnostics from your Windows virtual machines, Azure activity logs, Azure Security Center alerts, and Azure resource provider logs. This integration provides a unified dashboard for all your assets, whether they're on-premises or in the cloud, so that you can aggregate, correlate, analyze, and alert for security events. Reference: https://docs.microsoft.com/en-us/azure/security/azure-log-audit
upvoted 3 times
...
majstor86
1 year, 1 month ago
1. Activity Logs 2. Logs
upvoted 4 times
...
ligu
1 year, 2 months ago
The answers are correct
upvoted 1 times
...
F117A_Stealth
1 year, 5 months ago
100% correct... 1. Activity Logs 2. Logs Simple...
upvoted 2 times
...
Amit3
1 year, 7 months ago
# In EXAM - 01-Oct-2022, 1 Case Study (6 Ques), No Labs, Plus 44 Ques.
upvoted 3 times
Diodx
1 year, 5 months ago
Are the questions a little bit the same? Because the exam is updated on the first of November and these questions were updated for the last time on 31-10.
upvoted 2 times
...
...
MoFami
1 year, 10 months ago
On exam 01 July 2022
upvoted 2 times
...
Eltooth
2 years, 1 month ago
Answer is correct.
upvoted 2 times
...
subhuman
2 years, 2 months ago
Answer is correct,
upvoted 2 times
...
zioggs
2 years, 5 months ago
Exam - 4/11/21
upvoted 2 times
...
itbrpl
2 years, 6 months ago
Today's exam 20/10/21..
upvoted 1 times
...
kam117
2 years, 7 months ago
## Exam Question - 24 Sept 2021 ##
upvoted 1 times
...
Sandomj55
2 years, 8 months ago
In Exam 8/4/2021
upvoted 3 times
...
sensa
3 years, 2 months ago
in exam
upvoted 8 times
...
mayenite
3 years, 2 months ago
In exam
upvoted 7 times
...
DA0410
3 years, 5 months ago
Correct. I was monitoring manually 150 servers till 2008. First it took 3 months to analyze all logs. Then it reduced to 3 days. I was making amber and red logs green by resolving issues (SQL authentication error due to pwd change; disk failure warning first amber, then red, then boom! I prevented so many disasters by proactive monitoring). I thought I was outdated, but Azure created things I was thinking of as shortcomings in the OS world in the past for monitoring event logs. Now queries made it simple. I was thinking of such queries in 2002!
upvoted 10 times
DA0410
3 years, 5 months ago
Also I remember how we had caught a hacker by evaluating logs. There was an incident in 2012 when a user reported unwanted suspicious folders created in the D drive on a Windows server. I checked who created the folder; user name %user%, IP address was detected (RDP was used). We checked the IP address on the internet. SIM was pointing to country %country name%. A complaint was logged. The intruder was caught with the help of the SIM ISP provider telecom company. No tool was used. Just log monitoring was used.
upvoted 13 times
...
AlaReAla
2 years, 10 months ago
Wasn't Azure launched in Feb'10?
upvoted 4 times
...
...