Answer-first summary for fast verification
Answer: By default, logs ingested into Microsoft Sentinel are stored in Azure Monitor Log Analytics., There is a cost associated with exporting logs from Log Analytics workspace to storage accounts or Event Hubs after 90 days.
Option B is correct because, by default, logs ingested into Microsoft Sentinel are stored in Azure Monitor Log Analytics. Option C is also correct as there is a cost associated with exporting logs from the Log Analytics workspace to storage accounts or Event Hubs after 90 days. Option A is incorrect because Azure Sentinel does not inherently store logs in the Log Analytics workspace specifically after 90 days; it uses the Log Analytics workspace from the start. Option D is incorrect as there are other options besides storage accounts, such as Event Hubs, for transferring logs without incurring additional costs for keeping them in the Log Analytics workspace.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Assess the accuracy of the following statements regarding the storage and management of logs in Azure Sentinel and Log Analytics workspace.
A
Azure Sentinel utilizes Log Analytics workspace to store logs after 90 days if Sentinel is enabled.
B
By default, logs ingested into Microsoft Sentinel are stored in Azure Monitor Log Analytics.
C
There is a cost associated with exporting logs from Log Analytics workspace to storage accounts or Event Hubs after 90 days.
D
A storage account is the sole option for transferring logs without incurring costs to maintain them in Log Analytics workspace.
No comments yet.