Microsoft Exam AZ-801 Topic 1 Question 63 Discussion

Actual exam question for Microsoft's AZ-801 exam
Question #: 63
Topic #: 1

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an on-premises server named Server1 that runs Windows Server.

You have a Microsoft Sentinel instance.

You add the Windows Firewall data connector in Microsoft Sentinel.

You need to ensure that Microsoft Sentinel can collect Windows Firewall logs from Server1.

Solution: You onboard Server1 to Microsoft Defender for Endpoint.

Does this meet the goal?

Suggested Answer: A

Contribute your Thoughts:

Leontine
2 months ago
Ah, the old 'let's just add more security tools' approach. Classic IT move, but not always the best solution. I vote no on this one. Let's find a more elegant way to get those Firewall logs into Sentinel.
upvoted 0 times
...
Troy
2 months ago
This is a tricky one. I'd have to double-check the documentation, but I'm pretty sure onboarding to Defender for Endpoint is overkill just to get Firewall logs in Sentinel. There's probably a simpler way to do it.
upvoted 0 times
...
Huey
2 months ago
No, I don't think this solution meets the goal. Onboarding to Defender for Endpoint is not directly related to collecting Windows Firewall logs in Sentinel. There might be a more straightforward way to set up the data connector without the Defender for Endpoint step.
upvoted 0 times
Carri
1 month ago
No, I don't think this solution meets the goal. Onboarding to Defender for Endpoint is not directly related to collecting Windows Firewall logs in Sentinel. There might be a more straightforward way to set up the data connector without the Defender for Endpoint step.
upvoted 0 times
...
Alaine
1 month ago
B) No
upvoted 0 times
...
Truman
1 month ago
B) No
upvoted 0 times
...
Tomas
1 month ago
No, I don't think this solution meets the goal. Onboarding to Defender for Endpoint is not directly related to collecting Windows Firewall logs in Sentinel. There might be a more straightforward way to set up the data connector without the Defender for Endpoint step.
upvoted 0 times
...
Margarett
2 months ago
B) No
upvoted 0 times
...
Paris
2 months ago
A) Yes
upvoted 0 times
...
Isadora
2 months ago
A) Yes
upvoted 0 times
...
...
Wilda
3 months ago
I'm not sure. Maybe we should consider other options as well before making a final decision.
upvoted 0 times
...
Coleen
3 months ago
I agree with Lawana. By onboarding Server1 to Microsoft Defender for Endpoint, Microsoft Sentinel should be able to collect Windows Firewall logs.
upvoted 0 times
...
Lawana
3 months ago
I think the solution is to onboard Server1 to Microsoft Defender for Endpoint.
upvoted 0 times
...
Carey
3 months ago
Yes, onboarding Server1 to Microsoft Defender for Endpoint should allow Microsoft Sentinel to collect the Windows Firewall logs. This makes sense since Defender for Endpoint includes the necessary agents and integration with Sentinel.
upvoted 0 times
Vicky
2 months ago
Yes, onboarding Server1 to Microsoft Defender for Endpoint should allow Microsoft Sentinel to collect the Windows Firewall logs. This makes sense since Defender for Endpoint includes the necessary agents and integration with Sentinel.
upvoted 0 times
...
Derick
2 months ago
A) Yes
upvoted 0 times
...
...
