PdfPrep.com

What should you do?

Your network contains an on-premises Active Directory domain.

Your company has a security policy that prevents additional software from being installed on domain controllers.

You need to monitor a domain controller by using Microsoft Azure Advanced Threat Protection (ATP).

What should you do? More than once choice may achieve the goal. Select the BEST answer.
A . Deploy an Azure ATP standalone sensor, and then configure port mirroring.
B . Deploy an Azure ATP standalone sensor, and then configure detections.
C . Deploy an Azure ATP sensor, and then configure detections.
D . Deploy an Azure ATP sensor, and then configure port mirroring.

Answer: C

Explanation:

If you’re installing on a domain controller, you don’t need a standalone ATP sensor. You need to configure the detections to detect application installations. With an ATP sensor (non-standalone), you don’t need to configure port mirroring.

Reference:

https://docs.microsoft.com/en-us/azure-advanced-threat-protection/install-atp-step5

https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-capacity-planning#choosing-the-right-sensor-type-for-your-deployment

Exit mobile version