What should you do?

Your network contains an on-premises Active Directory domain. The domain contains servers that run Windows Server and have advanced auditing enabled.

The security logs of the servers are collected by using a third-party SIEM solution.

You purchase a Microsoft 365 subscription and plan to deploy Azure Advanced Threat Protection (ATP) by using standalone sensors.

You need to ensure that you can detect when sensitive groups are modified and when malicious services are created.

What should you do?
A . Configure Event Forwarding on the domain controllers
B . Configure auditing in the Office 365 Security & Compliance center.
C . Turn on Delayed updates for the Azure ATP sensors.
D . Enable the Audit account management Group Policy setting for the servers.

Answer: A

Explanation:

Reference: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/configure-event-forwarding

Latest MS-500 Dumps Valid Version with 193 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments