ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-900 All Questions

View all questions & answers for the AZ-900 exam
Go to Exam

Exam AZ-900 topic 1 question 249 discussion

Actual exam question from Microsoft's AZ-900
Question #: 249
Topic #: 1
[All AZ-900 Questions]

HOTSPOT -
You plan to implement several security services for an Azure environment. You need to identify which Azure services must be used to meet the following security requirements:
✑ Monitor threats by using sensors
✑ Enforce Azure Multi-Factor Authentication (MFA) based on a condition
Which Azure service should you identify for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
Box 1:
To monitor threats by using sensors, you would use Azure Advanced Threat Protection (ATP).
Azure Advanced Threat Protection (ATP) is a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.
Sensors are software packages you install on your servers to upload information to Azure ATP.
Box 2:
To enforce MFA based on a condition, you would use Azure Active Directory Identity Protection.
Azure AD Identity Protection helps you manage the roll-out of Azure Multi-Factor Authentication (MFA) registration by configuring a Conditional Access policy to require MFA registration no matter what modern authentication app you are signing in to.
References:
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/what-is-atp https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-configure-mfa-policy
by success101 at Dec. 31, 2019, 11:11 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
fgrion
Highly Voted 2 years, 11 months ago
guys, can you please comment only if you think an answer is wrong and why? reading 20 comments of people saying correct doesn't help at all and you always open it. let's put the comments to the minimum pls
upvoted 132 times
Mete99
10 months ago
Thats correct! I got the same
upvoted 4 times
...
sfngwjkgsngeghjnke
2 years, 10 months ago
Correct answer
upvoted 20 times
...
Nvoisn
1 year, 3 months ago
You are correct
upvoted 5 times
...
wmoras
5 months ago
correct
upvoted 1 times
...
Load full discussion...
...
success101
Highly Voted 4 years, 3 months ago
Both are correct. Sources: 1. https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-architecture 2. https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protection
upvoted 48 times
...
zellck
Most Recent 1 year, 3 months ago
"Azure ATP" and "Azure AD Identity Protection" is the answer. https://learn.microsoft.com/en-us/defender-for-identity/what-is Microsoft Defender for Identity (formerly Azure Advanced Threat Protection, also known as Azure ATP) is a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization. https://learn.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-policies#azure-ad-mfa-registration-policy Identity Protection can help organizations roll out Azure AD multifactor authentication (MFA) using a policy requiring registration at sign-in. Enabling this policy is a great way to ensure new users in your organization have registered for MFA on their first day. Multifactor authentication is one of the self-remediation methods for risk events within Identity Protection. Self-remediation allows your users to take action on their own to reduce helpdesk call volume.
upvoted 4 times
...
QBB
1 year, 5 months ago
Given answer is correct
upvoted 2 times
...
Contactfornitish
2 years, 1 month ago
Second one is INCORRECT. Identity protection does provide the info if something is risky or suspicious but alone it doesn't has anything to enforce. Conditional Access use that signal but conditional acces itself fall under Azure Security Center and NOT Identity Protection. Saying to after managing conditional access policies for years https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protection
upvoted 3 times
alashi
1 year, 5 months ago
Its not incorrect, this is now Defender for Identity, and it can apply authentication policies.
upvoted 3 times
...
User_Mowgli
1 year, 6 months ago
No. It's corect
upvoted 1 times
...
...
AZ_Guru_Wannabe
2 years, 4 months ago
FYI - apparently ATP has been renamed "Microsoft Defender for Identity" - no idea if the term on the exam has been changed, but be aware "Microsoft Defender for Identity (formerly Azure Advanced Threat Protection, also known as Azure ATP)" https://docs.microsoft.com/en-us/defender-for-identity/what-is
upvoted 16 times
...
AnNguyen88
2 years, 4 months ago
Keywords are Threat Protection and MFA
upvoted 2 times
...
Dhsh
2 years, 4 months ago
It's correct
upvoted 1 times
...
FrankBelo
2 years, 4 months ago
correct answer!!
upvoted 1 times
...
giraffe
2 years, 5 months ago
The answer displayed is correct
upvoted 1 times
...
easygo68
2 years, 5 months ago
Be asked in the 11.11.2021 exam!
upvoted 1 times
...
Camus_
2 years, 5 months ago
CORRECT
upvoted 1 times
...
RISHI_009
2 years, 9 months ago
correct
upvoted 1 times
...
Gerardo1971
2 years, 11 months ago
Correct answer
upvoted 1 times
...
soumya_
3 years, 1 month ago
what is the difference between security center and AATP? both says threat protection... confused...
upvoted 2 times
...
Acredser
3 years, 2 months ago
"Microsoft Defender for Identity (formerly Azure Advanced Threat Protection, also known as Azure ATP) is a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization." -- The questions does not mention anything about "on-premise"?
upvoted 3 times
...
panal
3 years, 2 months ago
correct
upvoted 2 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago