Previous

Next

Knowledge check

Completed

Tailwind Traders plans to make some significant changes to its Security Operations processes. They have asked for your assistance with recommendations and questions. Here are the specific requirements.

• Source of Logs. The Security department would like to understand how to evaluate security workflows and the most important logs available in Azure.

• Compliance. Tailwind Traders wants to certify that it complies with the latest Security Operations best practices.

Choose the best response for each of the questions below. Then select Check your answers.

Design security operations strategy

1.

What solution can Tailwind Traders use to evaluate security workflows in their Azure environment?

Azure Logic Apps could be used to evaluate and run automated workflows that integrate apps, data, services, and systems.

Azure Arc could be used to evaluate and run automated workflows that integrate apps, data, services, and systems.

Azure Monitor could be used to evaluate and run automated workflows that integrate apps, data, services, and systems.

2.

How can Tailwind Traders evaluate and use Threat Intelligence to secure their Azure environment?

Using Microsoft Sentinel, you can evaluate threat indicators to help detect malicious activity observed in an Azure environment and provide context to security investigators to help inform response decisions.

Using standardized logs, you can monitor for threat indicators in an Azure environment.

Using Unified Operations, you can evaluate threat indicators in an Azure environment.

3.

What are some Azure logs Tailwind Traders can monitor for a security incident?

You can use Activity Logs, Azure AD Reporting, and Network Security Group flow logs to monitor security incidents.

You can monitor storage services for performance metrics.

You can monitor Azure Network watcher to monitor diagnostics conditions.

You must answer all questions before checking your work.

Continue