Request for Help: Microsoft Sentinel Course Challenge Question

Is anyone able to assist, or direct me to an appropriate resource, regarding the completion of the Microsoft Sentinel course in which I am enrolled? I am at the final challenge (Module 6.2) and I cannot find the correct answer to one of the eight questions. Specifically, I cannot answer:

“What data source is needed in order to detect brute force attacks against the Azure Portal?”

The hint is:
***** ** **** **"

I have all other questions in the assessment correct, and I have invested quite a bit of time both taking the course and trying to find the answer to the remaining challenge question. It would be a disappointment if I missed course completion, and the resulting certificate, if I can’t cross the final hurdle.

Thanks in advance for any assistance.

I adjusted the answer based on this slide…

image

1 Like

Thank you very much! The revised answer aligns closer to the content, so I appreciate your assistance. The question did provide a good opportunity to review the Microsoft documentation as well. Thanks again!

Hi, Can you help me ? I cannot find the answer for the question “7. If you use a third-party solution and cannot find analytics rules templates out of the box, what is the next place to look for additional content?”

Thanks in advance.

Including the *** in the hint may be helpful to make sure the response is correct.

From memory, the answer for that may be “Content Hub”

I hope that helps!

Can someone help?
I can’t find the answer to the question Which data source requires a Premium P1 or P2 license to export into a Log Analytics Workspace? ***** **** ** ****

It was related to the azure ad sign-in logs, but I can’t get the format correct.