AZ-500 Question #233: Real Exam Question with Answer & Explanation

Sign in or unlock AZ-500 to reveal the answer and full explanation for question #233. The question stem and answer options stay visible for context.

Submitted by yuriko_h· Mar 6, 2026Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel

Question

Hotspot Question You have an Azure subscription that contains an Azure Sentinel workspace. Azure Sentinel is configured to ingest logs from several Azure workloads. A third-party service management platform is used to manage incidents. You need to identify which Azure Sentinel components to configure to meet the following requirements: - When Azure Sentinel identifies a threat, an incident must be created. - A ticket must be logged in the service management platform when an incident is created in Azure Sentinel. Which component should you identify for each requirement? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. Answer:

Options

__typehotspot
variantdropdown

Unlock AZ-500 to see the answer

You've previewed enough free AZ-500 questions. Unlock AZ-500 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock AZ-500 - $49.99 / 30 days Sign in

Topics

#Azure Sentinel#Analytics rules#Playbooks#Incident management

Full AZ-500 Practice Browse All AZ-500 Questions