Microsoft Exam AZ-801 Topic 6 Question 44 Discussion

Actual exam question for Microsoft's AZ-801 exam
Question #: 44
Topic #: 6

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an on-premises server named Server1 that runs Windows Server.

You have a Microsoft Sentinel instance.

You add the Windows Firewall data connector in Microsoft Sentinel.

You need to ensure that Microsoft Sentinel can collect Windows Firewall logs from Server1.

Solution: You install the Azure Connected Machine agent on Server1.

Does this meet the goal?

Suggested Answer: B

Contribute your Thoughts:

Tandra
8 months ago
I'm with you guys. This solution just doesn't seem right. It's like trying to use a screwdriver to hammer in a nail. There's got to be a more logical way to get those Windows Firewall logs into Sentinel.
upvoted 0 times
...
Annelle
8 months ago
Hmm, this is a tricky one. I'm wondering if the solution is missing a step or if there's a different approach we should be considering. Maybe we need to look at configuring the Windows Event Forwarding or something along those lines to get the logs into Sentinel.
upvoted 0 times
...
Pearlene
8 months ago
Yeah, I agree. The Azure Connected Machine agent is typically used for Azure Arc, which is for managing hybrid and multi-cloud environments. I'm not sure how that would help us collect Windows Firewall logs on an on-premises server.
upvoted 0 times
Carin
8 months ago
B
upvoted 0 times
...
Luis
8 months ago
A
upvoted 0 times
...
...
Edgar
8 months ago
I'm not sure about this question. The solution provided seems a bit odd to me. Installing the Azure Connected Machine agent on the on-premises server to collect Windows Firewall logs? Shouldn't we be looking at a more straightforward way to connect the logs to Sentinel?
upvoted 0 times
...
