Notifications
Clear all
Topic starter
Your network contains an on-premises Active Directory domain.
Your company has a security policy that prevents additional software from being installed on domain
controllers.
You need to monitor a domain controller by using Microsoft Azure Advanced Threat Protection (ATP).
What should you do? More than once choice may achieve the goal. Select the BEST answer.
- A . Deploy an Azure ATP standalone sensor, and then configure port mirroring.
B. Deploy an Azure ATP standalone sensor, and then configure detections.
C. Deploy an Azure ATP sensor, and then configure detections.
D. Deploy an Azure ATP sensor, and then configure port mirroring.
Suggested Answer: C
Explanation:
If you’re installing on a domain controller, you don’t need a standalone ATP sensor. You need to configure the detections to detect application installations. With an ATP sensor (non-standalone), you don’t need to configure port mirroring.
Reference:
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/install-atp-step5
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-capacity-planning#choosing-the-right-sensor-type-for-your-deployment
Explanation:
If you’re installing on a domain controller, you don’t need a standalone ATP sensor. You need to configure the detections to detect application installations. With an ATP sensor (non-standalone), you don’t need to configure port mirroring.
Reference:
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/install-atp-step5
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-capacity-planning#choosing-the-right-sensor-type-for-your-deployment
Posted : 23/01/2023 4:12 pm