Microsoft Exam AZ-801 Topic 14 Question 62 Discussion

Actual exam question for Microsoft's AZ-801 exam
Question #: 62
Topic #: 14

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an on-premises server named Server1 that runs Windows Server.

You have a Microsoft Sentinel instance.

You add the Windows Firewall data connector in Microsoft Sentinel.

You need to ensure that Microsoft Sentinel can collect Windows Firewall logs from Server1.

Solution: You install the Azure Connected Machine agent on Server1.

Does this meet the goal?

Suggested Answer: B

Contribute your Thoughts:

Joesph
2 months ago
I'll go with option A) Yes then, since installing the agent seems like the right approach.
upvoted 0 times
...
Harrison
2 months ago
I'm not sure, but I think installing the agent is the most straightforward solution.
upvoted 0 times
...
Gabriele
2 months ago
But what if there is another way to achieve the same goal without installing the agent?
upvoted 0 times
...
Joesph
3 months ago
I agree with Harrison, that should meet the goal of collecting Windows Firewall logs.
upvoted 0 times
...
Vernice
3 months ago
Wait, so I can't go back and review the previous questions? That's a bit of a bummer. Oh well, I guess I'll just have to wing it.
upvoted 0 times
Alonzo
2 months ago
Oh well, I guess I'll just have to wing it.
upvoted 0 times
...
Apolonia
2 months ago
B) No
upvoted 0 times
...
Marylou
2 months ago
A) Yes
upvoted 0 times
...
...
Meaghan
3 months ago
Haha, I bet the person who wrote this question is an Azure fanboy. Why not just use the built-in Windows Event Collector?
upvoted 0 times
...
Myra
3 months ago
No, that's not correct. The Azure Connected Machine agent is for managing and monitoring Azure Arc-enabled servers, not for collecting logs from on-premises servers.
upvoted 0 times
Kanisha
3 months ago
B) No
upvoted 0 times
...
Regenia
3 months ago
A) Yes
upvoted 0 times
...
...
Harrison
3 months ago
I think the solution is to install the Azure Connected Machine agent on Server1.
upvoted 0 times
...
Lucille
3 months ago
Yes, that's the right solution. The Azure Connected Machine agent allows Sentinel to collect logs from on-premises servers like Server1.
upvoted 0 times
Buffy
3 months ago
Great, thanks for confirming!
upvoted 0 times
...
Twanna
3 months ago
Yes, that's the right solution. The Azure Connected Machine agent allows Sentinel to collect logs from on-premises servers like Server1.
upvoted 0 times
...
...
