HOTSPOT

You have an Azure subscription that contains an Azure Sentinel workspace.

Azure Sentinel is configured to ingest logs from several Azure workloads. A third-party service management platform is used to manage incidents.

You need to identify which Azure Sentinel components to configure to meet the following requirements:

When Azure Sentinel identifies a threat, an incident must be created.

A ticket must be logged in the service management platform when an incident is created in Azure Sentinel.

Which component should you identify for each requirement? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Lösung einblenden Lösung ausblenden

Richtige Antwort:

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/sentinel/create-incidents-from-alerts

https://docs.microsoft.com/en-us/azure/sentinel/tutorial-respond-threats-playbook

HOTSPOT

You have an Azure subscription that contains a web app named App1 and an Azure key vault named Vault1.

You need to configure App1 to store and access the secrets in Vault1.

How should you configure App1? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Lösung einblenden Lösung ausblenden

Richtige Antwort:

Explanation:

Reference: https://docs.microsoft.com/en-us/azure/app-service/overview-managed-identity?tabs=dotnet

You company has an Azure Active Directory (Azure AD) tenant named contoso.com.

You plan to create several security alerts by using Azure Monitor.

You need to prepare the Azure subscription for the alerts.

What should you create first?

Lösung einblenden Lösung ausblenden

HOTSPOT

You have an Azure Active Directory (Azure AD) tenant named contoso.com.

The tenant contains the users shown in the following table.

You configure an access review named Review1 as shown in the following exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.

Lösung einblenden Lösung ausblenden

Richtige Antwort:

Explanation:

Box 1: User3 only

Use the Members (self) option to have the users review their own role assignments.

Box 2: User3 will receive a confirmation request

Use the Should reviewer not respond list to specify what happens for users that are not reviewed by the reviewer within the review period. This setting does not impact users who have been reviewed by the reviewers manually. If the final reviewer’s decision is Deny, then the user’s access will be removed.

No change – Leave user’s access unchanged

Remove access – Remove user’s access

Approve access – Approve user’s access

Take recommendations – Take the system’s recommendation on denying or approving the user’s continued access

Reference: https://docs.microsoft.com/bs-latn-ba/azure/active-directory/privileged-identity-management/pim-how-to-start-security-review

HOTSPOT

You are configuring just in time (JIT) VM access to a set of Azure virtual machines.

You need to grant users PowerShell access to the virtual machine by using JIT VM access.

What should you configure? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Lösung einblenden Lösung ausblenden

Richtige Antwort:

Explanation:

You plan to use Azure Resource Manager templates to perform multiple deployments of identically configured Azure virtual machines. The password for the administrator account of each deployment is stored as a secret in different Azure key vaults.

You need to identify a method to dynamically construct a resource ID that will designate the key vault

containing the appropriate secret during each deployment. The name of the key vault and the name of the

secret will be provided as inline parameters.

What should you use to construct the resource ID?

Lösung einblenden Lösung ausblenden

DRAG DROP

Your network contains an on-premises Active Directory domain named contoso.com. The domain contains a user named User1.

You have an Azure subscription that is linked to an Azure Active Directory (Azure AD) tenant named contoso.com. The tenant contains an Azure Storage account named storage1. Storage1 contains an Azure file share named share1.

Currently, the domain and the tenant are not integrated.

You need to ensure that User1 can access share1 by using his domain credentials.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Lösung einblenden Lösung ausblenden

Richtige Antwort:

Explanation:

Reference: https://docs.microsoft.com/en-us/azure/security-center/security-center-compliance-dashboard

You create a new Azure subscription.

You need to ensure that you can create custom alert rules in Azure Security Center.

Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.

Lösung einblenden Lösung ausblenden

You have an Azure subscription.

You plan to map an online infrastructure and perform vulnerability scanning for the following:

• ASNs

• Hostnames

• IP addresses

• SSL certificates What should you use?

Lösung einblenden Lösung ausblenden

You have the Azure resource shown in the following table.

You need to meet the following requirements:

* Internet-facing virtual machines must be protected by using network security groups (NSGs).

* All the virtual machines must have disk encryption enabled.

What is the minimum number of security that you should create in Azure Security Center?

Lösung einblenden Lösung ausblenden