Microsoft Azure Security Engineer Associate AZ-500 Practice Question

You are configuring Microsoft Defender for Cloud to automatically respond to medium and high-severity alerts raised in a Log Analytics workspace that is connected to a Microsoft Sentinel instance. All responses must run without human intervention and should be reusable across multiple subscriptions. Which action should you take first to meet these requirements?

  • Create a Logic App-based automation workflow from the Microsoft Defender for Cloud Automation page.

  • Assign an Azure Policy initiative that deploys remediation tasks upon alert creation.

  • Create an analytics rule in Microsoft Sentinel that runs a playbook when an alert is generated.

  • Define an action group in Azure Monitor and attach it to the subscriptions.

Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel