Create Custom Alert Rules in Azure Security Center | AZ-500 Exam Preparation

Create Custom Alert Rules in Azure Security Center

Question

You create a new Azure subscription.

You need to ensure that you can create custom alert rules in Azure Security Center.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D. E.

BD

D: You need write permission in the workspace that you select to store your custom alert.

https://docs.microsoft.com/en-us/azure/security-center/security-center-custom-alert

To create custom alert rules in Azure Security Center, you need to perform the following actions:

  1. Create an Azure Log Analytics workspace: You need to create an Azure Log Analytics workspace where you can collect and analyze data from your Azure resources, including Security Center. This will enable you to create custom alerts based on the data collected in the workspace.

  2. Upgrade the pricing tier of Security Center to Standard: To create custom alert rules, you need to upgrade the pricing tier of Security Center from Free to Standard. This will give you access to more advanced security features, including the ability to create custom alert rules.

Therefore, the correct answers are D and E.

Let's briefly look at the other options:

A. Onboard Azure Active Directory (Azure AD) Identity Protection: Azure AD Identity Protection is a feature of Azure Active Directory that provides risk-based conditional access policies. It is not directly related to creating custom alert rules in Azure Security Center.

B. Create an Azure Storage account: Creating an Azure Storage account is not required for creating custom alert rules in Azure Security Center.

C. Implement Azure Advisor recommendations: Azure Advisor is a service that provides personalized recommendations to optimize your Azure resources for high availability, security, performance, and cost. It is not directly related to creating custom alert rules in Azure Security Center.