ExpertMinds LogoExpertMinds
Medium1 markMultiple Choice
Domain 1.1: Logging and MonitoringDomain 1Azure SentinelAzure LighthouseMulti-tenant

AZ-305 · Question 04 · Domain 1.1: Logging and Monitoring

You are designing an Azure Sentinel architecture for a Managed Security Service Provider (MSSP).

The MSSP manages security for 15 different enterprise customers. Each customer has their own Azure Active Directory (Microsoft Entra ID) tenant and strict data residency requirements (some in the US, some in the EU). The MSSP's Security Operations Center (SOC) team needs to view and correlate incidents across all 15 customers from a single pane of glass.

Which TWO technologies should you include in your design to meet these requirements? (Select TWO)

Answer options:

A.

Azure Lighthouse

B.

Multiple Azure Sentinel workspaces (one per customer region/tenant)

C.

A single centralized Azure Sentinel workspace in the MSSP tenant

D.

Azure AD B2B Guest Accounts

E.

Azure Data Factory

How to approach this question

Address the data residency constraint first (requires distributed workspaces), then address the single pane of glass requirement for the MSSP (requires Lighthouse).

Full Answer

Azure Lighthouse and Multiple Azure Sentinel workspaces (one per customer region/tenant).
Due to strict data residency requirements, logs cannot be centralized into a single workspace; they must remain in workspaces within each customer's respective region and tenant. To allow the MSSP SOC to monitor all these distributed workspaces from a single pane of glass, Azure Lighthouse is required. Lighthouse provides delegated resource management, enabling cross-tenant queries and incident management without needing B2B guest accounts in every tenant.

Common mistakes

Selecting a single centralized workspace, ignoring the data residency constraints mentioned in the scenario.
03All questions05

Practice the full Azure Solutions Architect Expert AZ-305 Practice Exam 1

55 questions · hints · full answers · grading

Sign up freeTake the exam

More questions from this exam

Q01Contoso Ltd is a global financial institution with 80 Azure subscriptions spread across 4 managem...MediumQ02Fabrikam Inc. operates a hybrid cloud environment with 500 on-premises VMware virtual machines ru...HardQ03A startup company has a single Azure subscription with a monthly budget of $5,000. The CFO want...EasyQ05A healthcare enterprise is migrating its infrastructure to Azure. They have strict compliance req...HardQ06Woodgrove Bank is developing two new web applications hosted on Azure App Service: 1. Partner Po...Medium
View all 55 questions →