What should you do?

Posted by: Pdfprep Category: MS-500 Tags: , ,

Your network contains an on-premises Active Directory domain. The domain contains servers that run

Windows Server and have advanced auditing enabled.

The security logs of the servers are collected by using a third-party SIEM solution.

You purchase a Microsoft 365 subscription and plan to deploy Azure Advanced Threat Protection (ATP) by using standalone sensors.

You need to ensure that you can detect when sensitive groups are modified and when malicious services are created.

What should you do?
A . Configure auditing in the Office 365 Security & Compliance center.
B . Turn off Delayed updates for the Azure ATP sensors.
C . Modify the Domain synchronizer candidate’s settings on the Azure ATP sensors.
D . Integrate SIEM and Azure AT

Answer: C

Explanation:

References: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/install-atp-step5

Leave a Reply

Your email address will not be published.