Microsoft Sentinel

You are planning the deployment of Microsoft Sentinel.
Which type of Microsoft Sentinel data connector should you use to meet the security requirements?

You have 20 on-premises virtual machines that run Windows Server.

You have an Azure subscription that contains a Microsoft Sentinel workspace named Workspace1.

You need to collect events from the on-premises virtual machines end forward the events to Workspace1. The solution must ensure that you can define filters to minimize the volume of collected events.

Which two components should you install on each virtual machine? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

You have an on-premises server named Server1 that runs Windows Server.

You have a Microsoft Sentinel instance.

You add the Windows Firewall data connector in Microsoft Sentinel.

You need to ensure that Microsoft Sentinel can collect Windows Firewall logs from Server1.

Solution: You install the Microsoft Integration Runtime on Server1.

Does this meet the goal?

You have an on-premises server named Server1 that runs Windows Server.

You have a Microsoft Sentinel instance.

You add the Windows Firewall data connector in Microsoft Sentinel.

You need to ensure that Microsoft Sentinel can collect Windows Firewall logs from Server1.

Solution: You onboard Server1 to Microsoft Defender for Endpoint.

Does this meet the goal?

You have an on-premises server named Server1 and a Microsoft Sentinel instance.
You plan to collect Windows Defender Firewall events from Server1 and analyze the event data by using Microsoft Sentinel.
What should you install on Server1, and which information should you provide during the installation? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You have an on-premises server named Server1 that runs Windows Server 2022 Standard.

You have an Azure subscription that contains the virtual machines shown in the following table.



The subscription contains a Microsoft Sentinel instance named Sentinel1 in the Central US Azure region.

You need to implement the Windows Firewall connector.

You have a Microsoft Sentinel deployment and 100 Azure Arc-enabled on-premises servers. All the Azure Arc-enabled resources are in the same resource group.
You need to onboard the servers to Microsoft Sentinel. The solution must minimize administrative effort.
What should you use to onboard the servers to Microsoft Sentinel?