Sign Up

Question 16 of 18

Previous QuestionNext Question

You have an on-premises infrastructure that contains the following:

  • An Active Directory domain with a domain controller named ServerA.
  • A server named ServerB that's not a domain controller.

A security policy is configured that prevents ServerA from connecting to the Internet. ServerB can connect to the Internet.

You've been tasked with implementing Microsoft Defender for Identity to monitor ServerA.

How should you configure the servers?

This question/answer is only relevant if you deploy Microsoft Defender for Identity standalone sensors instead of Defender for Identity sensors.

In short, you need to configure port mirroring on each server to be monitored. Then install a standalone sensor. Finally, configure an event collection/subscription on the server that can connect to the internet.

Did you like the site?