Microsoft Azure Security Engineer Associate AZ-500 Practice Question

You manage Microsoft Defender for Cloud in an Azure subscription. A specific legacy virtual machine repeatedly triggers the "Brute force attack against SSH" alert each night during an authorized pen-test, generating dozens of e-mails that overwhelm the SOC queue. You must ensure analysts stop receiving notifications for this alert while retaining the alert data for later investigations and without disabling Defender for that virtual machine.

Which action should you perform in Microsoft Defender for Cloud?

  • Create an alert suppression rule scoped to that virtual machine and the specific alert type.

  • Disable the "Brute force attack against SSH" analytic rule in Microsoft Sentinel.

  • Turn off the VM's Microsoft Defender for Servers plan in Environment settings.

  • Disable e-mail notifications for medium-severity alerts in Defender for Cloud's email notification settings.

Microsoft Azure Security Engineer Associate AZ-500
Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel