SC-200 · Question #442
SC-200 Question #442: Real Exam Question with Answer & Explanation
Sign in or unlock SC-200 to reveal the answer and full explanation for question #442. The question stem and answer options stay visible for context.
Question
You have three Azure subscriptions. Each subscription contains multiple virtual machines that run Windows Server. You have a Microsoft Sentinel workspace. You need to ensure that failed sign-in attempts from all the virtual machines can be analyzed by using Microsoft Sentinel. The solution must minimize administrative effort. What should you do first?
Options
- AFrom the Microsoft Defender portal, install the Windows Security Events solution.
- BOn each virtual machine, create an event subscription.
- COn each virtual machine, install the Azure Connected Machine agent.
- DFrom the Microsoft Defender portal, install the Syslog solution.
Unlock SC-200 to see the answer
You've previewed enough free SC-200 questions. Unlock SC-200 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.