Microsoft AZ-220: Configure alert to detect which devices have anomalous MQTT message send rate.

Table of Contents

Question
Answer
Explanation
Reference

Question

You have an Azure IoT solution that contains 20 IoT devices. Each device typically sends five Message Queuing Telemetry Transport (MQTT) messages per minute. You need to configure an alert to detect which devices have an anomalous MQTT message send rate. What should you do?

A. Create an Azure IoT hub and an IoT alert that has the following settings:

Condition: C2D message deliveries completed
Threshold: Static
Threshold value: 15
Aggregation granularity: 5 minutes

B. Create an Azure IoT hub and an IoT alert that has the following settings:

Condition: C2D message deliveries completed
Threshold: Static
Operator: Greater than
Aggregation type: Average
Threshold value: 30

C. Enable Azure Defender for IoT and create a custom rule that has the following settings:

Custom Alert: Number of device to cloud messages (MQTT protocol) is not in allowed range
Minimal Threshold: 30
Maximum Threshold: 60
Time Window Size: 00:05:00

D. Enable Azure Defender for IoT and create a custom rule that has the following settings:

Custom Alert: Number of device to cloud messages (MQTT protocol) is not in allowed range
Minimal Threshold: 20
Maximum Threshold: 30
Time Window Size: 00:05:00

Answer

C. Enable Azure Defender for IoT and create a custom rule that has the following settings:

Custom Alert: Number of device to cloud messages (MQTT protocol) is not in allowed range
Minimal Threshold: 30
Maximum Threshold: 60
Time Window Size: 00:05:00

Explanation

The correct answer is C. Enable Azure Defender for IoT and create a custom rule that has the following settings:

Custom Alert: Number of device to cloud messages (MQTT protocol) is not in allowed range
Minimal Threshold: 20
Maximum Threshold: 30
Time Window Size: 00:05:00

The other options are incorrect for the following reasons:

Option A creates an IoT alert with a threshold of 15 messages per minute. This is too low, as each device typically sends 5 messages per minute.
Option B creates an IoT alert with a threshold of 30 messages per minute. This is too high, as the maximum number of messages that a device should send per minute is 20.
Option D creates a custom rule with a minimum threshold of 30 messages per minute and a maximum threshold of 60 messages per minute. This is too wide of a range, as the maximum number of messages that a device should send per minute is 20.

The custom rule in option C is the most appropriate, as it will alert you if a device sends more than 30 messages per minute or less than 20 messages per minute. This will help you to identify devices that are sending anomalous MQTT message send rates.

Here are the steps on how to create the custom rule in Azure Defender for IoT:

Go to the Azure Defender for IoT portal.
Click on Custom Rules.
Click on Add Rule.
In the Rule Name field, enter a name for the rule.
In the Rule Type field, select Custom Alert.
In the Custom Alert section, enter the following settings:
- Custom Alert: Number of device to cloud messages (MQTT protocol) is not in allowed range
- Minimal Threshold: 20
- Maximum Threshold: 30
- Time Window Size: 00:05:00
Click on Create.

The custom rule will now be created and will start monitoring MQTT message send rates for your devices. If a device sends more than 30 messages per minute or less than 20 messages per minute, you will be alerted.

Reference

Microsoft Azure IoT Developer AZ-220 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Microsoft Azure IoT Developer AZ-220 exam and earn Microsoft Azure IoT Developer AZ-220 certification.