Microsoft AZ-801 Question Answer
You have 50 on-premises servers that run Windows Server.
You have an Azure subscription that contains a Microsoft Sentinel workspace.
You plan to monitor the servers by using Microsoft Sentinel.
You need to perform the following actions in Microsoft Sentinel;
• Add the Windows Forwarded Events data connector.
• Create a playbook that has an incident trigger.
Which two settings should you use? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.



