HOTSPOT - For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point. Hot Area:
I think the first should be NO. Azure Sentinel use Log Analytics workspace to stored log. After 90 days if Sentinel is enabled. Then you can export of logs from your Log Analytics workspace to destinations such as Azure Storage and Event Hub.
More for this: Log Analytics workspace will keep your log inforatmion, after 90 days, you need pay money per G/month. If you want to use your storage account to store log, you need pay money to export log into your storage account or Event Hub. So first one is NO. storage account is only one option you can transfer log if you don't want pay money to keep. Log Analytics workspace is correct place.
By default, logs ingested into Microsoft Sentinel are stored in Azure Monitor Log Analytics.
See - https://learn.microsoft.com/en-us/azure/sentinel/store-logs-in-azure-data-explorer?tabs=adx-event-hub
Sentinel Stores your events in a Log Analytics workspace and can retrieve events from a starage location. it doesnt store the events in a storage location.
No, Azure Sentinel does not store collected events directly in an Azure Storage account. Instead, it uses Log Analytics workspaces to store and analyze data collected from various sources. So for the first one the answer should be NO
No. Azure Sentinel stores collected events in Azure Log Analytics workspaces, not in an Azure Storage account.
Yes. Azure Sentinel can remediate incidents automatically using Playbooks, which are collections of procedures that can be run from Azure Sentinel.
Yes. Azure Sentinel can collect Windows Defender firewall logs from Azure VMs.
YYY
https://learn.microsoft.com/en-us/azure/sentinel/data-connectors/azure-storage-account
Azure Storage account is a cloud solution for modern data storage scenarios. It contains all your data objects: blobs, files, queues, tables, and disks. This connector lets you stream Azure Storage accounts diagnostics logs into your Microsoft Sentinel workspace, allowing you to continuously monitor activity in all your instances, and detect malicious activity in your organization. For more information, see the
Hi guys, please check the below link for clarity, I will go with NYY.
As you plan your Microsoft Sentinel deployment, you typically want to understand its pricing and billing models to optimize your costs. Microsoft Sentinel's security analytics data is stored in an Azure Monitor Log Analytics workspace. Billing is based on the volume of data analyzed in Microsoft Sentinel and stored in the Log Analytics workspace. https://learn.microsoft.com/en-us/azure/sentinel/billing?tabs=simplified%2Ccommitment-tiers
YYY : Yes, Azure Sentinel can store collected events in an Azure Storage account. Azure Sentinel is a cloud-native security information and event management (SIEM) solution provided by Microsoft. It enables organizations to collect, analyze, and respond to security events and incidents across their environment.
Azure Sentinel can ingest data from various sources, including logs and events from Azure services, on-premises infrastructure, and third-party systems. The collected events can be stored in an Azure Storage account, which provides a scalable and durable storage solution for the data. This allows organizations to retain and analyze security event data over a longer period of time, as required by their compliance or investigative needs.
Microsoft Sentinel security analytics data is stored in an Azure Monitor Log Analytics workspace. Billing is based on the volume of that data in Microsoft Sentinel and the Azure Monitor Log Analytics workspace storage.
No, Azure Sentinel does not store collected events in an Azure Storage account. Azure Sentinel stores events in a centralized Log Analytics workspace. The Log Analytics workspace acts as the data repository for Azure Sentinel and provides a single place for storing, analyzing, and querying security-related data from various sources.
First answer is incorrect. As pointed out by others, Sentinel doesn't store content in storage account but in Log Analytics. Can say for sure since completed SC-200 few weeks back and SC-900 with 1000/1000 and one of the question was similar
https://azure.microsoft.com/en-us/pricing/details/azure-sentinel/
Microsoft Sentinel provides intelligent security analytics across your enterprise. The data for this analysis is stored in an Azure Monitor Log Analytics workspace. Microsoft Sentinel is billed based on the volume of data ingested for analysis in Microsoft Sentinel and stored in the Azure Monitor Log Analytics workspace. Microsoft Sentinel offers a flexible and predictable pricing model. There are two ways to pay for the Microsoft Sentinel service: Capacity Reservations and Pay-As-You-Go.
Q1: NO
This section is not available anymore. Please use the main Exam Page.AZ-900 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
wendyy
Highly Voted 3 years, 7 months agowendyy
3 years, 7 months agoFosnefes
2 years, 2 months agoVincentvdS
Highly Voted 3 years, 7 months agoZakirh
Most Recent 5 months agoe3ddceb
9 months, 2 weeks agosiculoct
10 months, 3 weeks agoPcservices
11 months, 3 weeks agoxqzit
1 year, 3 months agoWablo
1 year, 6 months agoRajivjain
1 year, 10 months agoCiupaz
2 years, 1 month agommatchev
2 years, 2 months agoContactfornitish
3 years, 1 month agoPreethiP
3 years, 2 months agoatilla
3 years, 3 months agopeymani
3 years, 4 months agomufflon
3 years, 4 months agoswapnasantoshi
3 years, 4 months ago