Answer-first summary for fast verification
Answer: Streaming Databricks audit logs directly to Azure Sentinel using built-in connectors and creating custom detection rules based on log data
Option D is the most effective strategy for integrating Azure Databricks with Azure Sentinel for advanced threat detection. Streaming Databricks audit logs directly to Azure Sentinel using built-in connectors enables real-time monitoring of activities within the Databricks environment. This approach facilitates the immediate detection of suspicious behavior or potential threats. Furthermore, creating custom detection rules based on the log data allows the company to tailor the threat detection capabilities to its specific needs, ensuring effective identification and response to security incidents or anomalies. This method provides comprehensive monitoring and advanced threat detection capabilities, making it the optimal integration strategy for enhancing security within the Azure Databricks environment.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
How can a company enhance threat detection in its Azure Databricks environment by integrating with Azure Sentinel for comprehensive monitoring and advanced threat detection?
A
Exporting Databricks logs to a storage account and periodically importing them into Sentinel using Logic Apps
B
Manual review and transfer of suspicious activity logs from Databricks to Azure Sentinel for analysis
C
Using Azure Event Hubs to ingest Databricks logs into Sentinel in real-time, leveraging machine learning-based threat detection models
D
Streaming Databricks audit logs directly to Azure Sentinel using built-in connectors and creating custom detection rules based on log data
No comments yet.