Crucial Exams

Microsoft Azure Security Engineer Associate AZ-500 Practice Question

You are hardening the security observability of an Azure Container Apps (ACA) environment that hosts several mission-critical workloads. The security operations team must receive ACA runtime audit events in Microsoft Sentinel so that custom analytics rules can trigger alerts. Which action meets this requirement without deploying additional agents to the app instances?

  • Create an Azure Monitor diagnostic setting on the Container Apps environment that sends the ContainerAppSystemLogs and ContainerAppConsoleLogs categories to a Log Analytics workspace connected to Microsoft Sentinel.

  • Install the Azure Monitor VM extension on every Container Apps worker node and configure it to forward security events to Microsoft Sentinel.

  • Enable Microsoft Defender for Cloud's Defender for Containers plan for the subscription and rely on its agentless scanning to send audit events to Microsoft Sentinel.

  • Configure the ACA environment to export application logs to an Azure Storage account and enable Sentinel's Storage Data Connector.

Microsoft Azure Security Engineer Associate AZ-500
Secure compute, storage, and databases
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot