Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25

- Free Preparation Discussions

Microsoft Exam AZ-500 Topic 3 Question 81 Discussion

Actual exam question for Microsoft's AZ-500 exam

Question #: 81
Topic #: 3

[All AZ-500 Questions]

You have an Azure subscription that contains a SQL Server on Azure Virtual Machines instance named SQt1 and a Microsoft Sentinel workspace named Sentinel1.

You need to monitor security incidents on SQL1 by using Sentinel1.

What should you do first?

AOn SQL1, enable SQL1 Server audit.

BOn SQL1. install the Connected Machine agent for Azure Arc-enabled servers.

CFrom the Azure portal, create a Log Analytics workspace.

DFrom Sentinel1, enable VM insights.

Show Suggested Answer

Suggested Answer: A

by Magnolia at Mar 07, 2025, 12:18 PM

Limited Time Offer

25%

Off

Get Premium AZ-500 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Ngoc

23 days ago

Wait, is option B really about connecting SQL1 to Azure Arc? I thought that was just a way to get robots to do our server maintenance. Gotta love automation!

upvoted 0 times

...

Domitila

24 days ago

I'm feeling option D, 'cause who doesn't love enabling VM insights? It's like unleashing a horde of security-hungry unicorns on SQL1.

upvoted 0 times

...

Tamesha

24 days ago

I see your point, Elvera. Let's go with creating a Log Analytics workspace first.

upvoted 0 times

...

Leatha

25 days ago

Hold up, what about option A? Enabling SQL1 Server audit is crucial for Sentinel1 to get its hands on that juicy security data. Gotta do that first.

upvoted 0 times

Elena

7 days ago

C) From the Azure portal, create a Log Analytics workspace.

upvoted 0 times

...

Annice

8 days ago

A) On SQL1, enable SQL1 Server audit.

upvoted 0 times

...

...

Elvera

25 days ago

That's a good point, but I think creating a Log Analytics workspace is still the best initial step.

upvoted 0 times

...

Vannessa

26 days ago

But wouldn't enabling VM insights from Sentinel1 be more beneficial for monitoring security incidents?

upvoted 0 times

...

Tamesha

27 days ago

I agree with Elvera, creating a Log Analytics workspace seems like the right first step.

upvoted 0 times

...

Elvera

1 months ago

I think we should create a Log Analytics workspace first.

upvoted 0 times

...

Lea

1 months ago

Hmm, I'd say C is the right choice. Creating a Log Analytics workspace is the first step to get Sentinel1 monitoring those SQL1 security incidents.

upvoted 0 times

Thaddeus

19 days ago

User3: Agreed, that's the way to go to monitor those security incidents.

upvoted 0 times

...

Brandon

21 days ago

User2: Yeah, creating a Log Analytics workspace is the first step.

upvoted 0 times

...

Junita

1 months ago

User1: I think C is the best option.

upvoted 0 times

...

...

Antonio

1 months ago

Option B seems the way to go. Gotta get that Connected Machine agent installed on SQL1 to connect it to Azure Arc, then Sentinel1 can work its magic.

upvoted 0 times

Patria

20 days ago

That's right! Enabling VM insights on Sentinel1 will help us monitor security incidents on SQL1.

upvoted 0 times

...

Latia

22 days ago

D) From Sentinel1, enable VM insights.

upvoted 0 times

...

Keneth

23 days ago

Great idea! Once that's done, we can connect SQL1 to Azure Arc and start monitoring with Sentinel1.

upvoted 0 times

...

Wilson

1 months ago

B) On SQL1, install the Connected Machine agent for Azure Arc-enabled servers.

upvoted 0 times

...

...

az-700 pass4success az-104 200-301 200-201 cissp 350-401 350-201 350-501 350-601 350-801 350-901 az-720 az-305 pl-300

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77