Microsoft Security Operations Analyst Associate SC-200 Practice Question
You manage a Microsoft Sentinel workspace. You want to ingest JSON-formatted telemetry from a line-of-business applications by using the Azure Monitor Logs Ingestion API. The data must be stored in a new custom log table named AppEvents_CL within the workspace. Before you can send events to the ingestion endpoint, which Azure resource must you create to satisfy a required prerequisite?
A syslog forwarder configured with the Log Analytics agent
A diagnostic setting that routes the application events to the custom table
A workbook template that defines the schema of the AppEvents_CL table
A data collection endpoint (DCE) that your data collection rule will reference
The Azure Monitor Logs Ingestion API requires two main components before data can be sent: a data collection endpoint (DCE) that exposes an ingestion endpoint URI and a data collection rule (DCR) that defines the target Log Analytics workspace, the custom table name, and (optionally) any transformations. The DCE is mandatory because the API call that sends the JSON payload targets the DCE's endpoint. Diagnostic settings and workbooks play no role in the Logs Ingestion API flow, and the Log Analytics (MMA) agent is not used for this method of data collection.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a Data Collection Endpoint (DCE)?
Open an interactive chat with Bash
How does a Data Collection Rule (DCR) work with DCE?
Open an interactive chat with Bash
What is the Azure Monitor Logs Ingestion API used for?
Open an interactive chat with Bash
Microsoft Security Operations Analyst Associate SC-200
Manage a security operations environment
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .