Discover how to configure your Azure subscription to create custom alert rules in Azure Security Center. Follow these steps, including setting up an Azure Log Analytics workspace and upgrading to the Standard pricing tier.
Table of Contents
Question
You create a new Azure subscription.
You need to ensure that you can create custom alert rules in Azure Security Center.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Onboard Azure Active Directory (Azure AD) Identity Protection.
B. Create an Azure Storage account.
C. Implement Azure Advisor recommendations.
D. Create an Azure Log Analytics workspace.
E. Upgrade the pricing tier of Security Center to Standard.
Answer
D. Create an Azure Log Analytics workspace.
E. Upgrade the pricing tier of Security Center to Standard.
Explanation
You need write permission in the workspace that you select to store your custom alert.
The correct answer is D. Create an Azure Log Analytics workspace and E. Upgrade the pricing tier of Security Center to Standard.
To create custom alert rules in Azure Security Center, you need to have a Log Analytics workspace and a Standard pricing tier for Security Center. A Log Analytics workspace is a container that stores data collected by Azure Monitor, such as logs and metrics from your Azure resources. A Log Analytics workspace is required to store the data that is used by the custom alert rules to evaluate the conditions and generate alerts. A Standard pricing tier for Security Center is a subscription level that provides advanced security features, such as threat detection, adaptive application controls, and just-in-time access. A Standard pricing tier for Security Center is required to enable some of the security policies and recommendations that are used by the custom alert rules to monitor the security posture of your resources.
To create a Log Analytics workspace, you can follow these steps:
- Sign in to the Azure portal.
- Select Create a resource > Management tools > Log Analytics.
- In the Create Log Analytics workspace page, enter the following information:
- Subscription: Select your Azure subscription.
- Resource group: Select an existing resource group or create a new one.
- Name: Enter a name for your workspace.
- Region: Select a region for your workspace.
- Select Review + create > Create.
To upgrade the pricing tier of Security Center to Standard, you can follow these steps:
- Sign in to the Azure portal.
- Select Security Center > Pricing & settings.
- Select your subscription.
- In the Pricing tier page, select Standard.
- Select Save.
Reference
- Azure > Security > Microsoft Defender for Cloud > What is Microsoft Defender for Cloud?
The latest Microsoft AZ-500 Azure Security Technologies certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Microsoft AZ-500 Azure Security Technologies exam and earn Microsoft AZ-500 Azure Security Technologies certification.
