Contoso, Ltd. plans to configure existing applications to use Azure SQL Database.
When security-related operations occur, the security team must be informed.
You need to configure Azure Monitor while minimizing administrative efforts.
Which three actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
Click on the arrows to vote for the correct answer
A. B. C. D. E.ACD
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-action-rulesTo configure Azure Monitor for notifying the security team when security-related operations occur in Azure SQL Database, the following steps should be performed:
Action groups are a collection of notification preferences, such as email or SMS, that define how to alert the relevant team members when an event occurs. The first step is to create a new action group to include the email address alerts@contoso.com to receive the notification emails.
The next step is to use the email address alerts@contoso.com as the recipient for the alert notification. This can be done by adding the email address to the action group that was created in step 1.
To ensure that only security-related operations are monitored, it is necessary to define the relevant conditions to trigger an alert. In this case, all security operations should be used as a condition to trigger the alert.
Therefore, the correct options are A, B, and C:
A. Create a new action group to email alerts@contoso.com. B. Use alerts@contoso.com as an alert email address. C. Use all security operations as a condition.
Option D, which suggests using all Azure SQL Database servers as a resource, is not required in this scenario since we want to monitor security-related operations only, not all operations on all servers.
Option E, which suggests querying audit log entries as a condition, can be an additional step to refine the alert conditions, but it is not mandatory to achieve the desired outcome.