Is anyone able to assist, or direct me to an appropriate resource, regarding the completion of the Microsoft Sentinel course in which I am enrolled? I am at the final challenge (Module 6.2) and I cannot find the correct answer to one of the eight questions. Specifically, I cannot answer:
“What data source is needed in order to detect brute force attacks against the Azure Portal?”
The hint is:
***** ** **** **"
I have all other questions in the assessment correct, and I have invested quite a bit of time both taking the course and trying to find the answer to the remaining challenge question. It would be a disappointment if I missed course completion, and the resulting certificate, if I can’t cross the final hurdle.
Thanks in advance for any assistance.
I adjusted the answer based on this slide…
1 Like
Thank you very much! The revised answer aligns closer to the content, so I appreciate your assistance. The question did provide a good opportunity to review the Microsoft documentation as well. Thanks again!
Hi, Can you help me ? I cannot find the answer for the question “7. If you use a third-party solution and cannot find analytics rules templates out of the box, what is the next place to look for additional content?”
Thanks in advance.
Including the *** in the hint may be helpful to make sure the response is correct.
From memory, the answer for that may be “Content Hub”
I hope that helps!
Can someone help?
I can’t find the answer to the question Which data source requires a Premium P1 or P2 license to export into a Log Analytics Workspace? ***** **** ** ****
It was related to the azure ad sign-in logs, but I can’t get the format correct.
the question from DampDragon712 is my final question to gain the certificate.
Somebody has the answer or any hints…i cant find the right answer to fullfill the format.
Found the answer. The format was a bit confusing for me because i expected a - in sign-in so i tried several options with for example AD and entra.
axxxe sxxn ix lxxs (answer partially redacted by admin)