Expenditure Model for Azure Migration

A

Microsoft Sentinel is a scalable, cloud-native, security information and event management (SIEM) and security orchestration, automation, and response (SOAR) solution.

Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for attack detection, threat visibility, proactive hunting, and threat response.

The correct answer for this question is A. Microsoft Sentinel.

Explanation:

Microsoft Sentinel is a cloud-native security information and event management (SIEM) solution that enables you to collect, analyze, and act on security events from various sources, including Azure Active Directory (Azure AD). Sentinel provides real-time threat intelligence and automation to help you identify and respond to security threats quickly.

Azure Synapse Analytics is an analytics service that enables you to ingest, prepare, manage, and serve data for immediate business intelligence and machine learning needs. While it provides a range of analytical capabilities, it does not offer security event collection and analysis features.

Azure AD Connect is a tool that enables you to integrate your on-premises identity infrastructure with Azure AD, but it does not offer security event collection and analysis features.

Azure Key Vault is a service that enables you to securely store and manage cryptographic keys, secrets, and certificates. While it provides a range of security capabilities, it does not offer security event collection and analysis features.

Therefore, Microsoft Sentinel is the correct choice for collecting and automatically analyzing security events from Azure AD.