ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-100 All Questions

View all questions & answers for the SC-100 exam
Go to Exam

Exam SC-100 topic 2 question 38 discussion

Actual exam question from Microsoft's SC-100
Question #: 38
Topic #: 2
[All SC-100 Questions]

You have an Azure subscription that has Microsoft Defender for Cloud enabled.

You need to enforce ISO 27001:2013 standards for new resources deployed to the subscription. The solution must ensure that noncompliant resources are automatically detected.

What should you use?

  • A. Azure Blueprints
  • B. the regulatory compliance dashboard in Defender for Cloud
  • C. Azure Policy
  • D. Azure role-based access control (Azure RBAC)
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Victory007 at Aug. 5, 2023, 3:05 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
emartiy
10 months, 1 week ago
Selected Answer: C
Azure Policy fulfill the question requirement!
upvoted 4 times
...
hellawaits111
11 months, 2 weeks ago
Selected Answer: B
I would say B Azure Policy will be the enforcement part
upvoted 1 times
...
ayadmawla
1 year, 3 months ago
Selected Answer: B
They would like to "enforce" but first we need to detect non-compliance against the standard and therefore we must choose B to select the regulatory compliance in question and determine where the non-compliance is see: https://learn.microsoft.com/en-us/azure/defender-for-cloud/regulatory-compliance-dashboard
upvoted 1 times
ayadmawla
1 year, 3 months ago
Microsoft Defender for Cloud helps you to meet regulatory compliance requirements by continuously assessing resources against compliance controls, and identifying issues that are blocking you from achieving a particular compliance certification. In the Regulatory compliance dashboard, you manage and interact with compliance standards. You can see which compliance standards are assigned, turn standards on and off for Azure, AWS, and GCP, review the status of assessments against standards, and more.
upvoted 1 times
...
ayadmawla
1 year, 2 months ago
I am wrong here; Policy detects and enforces see: https://learn.microsoft.com/en-us/azure/governance/policy/samples/iso-27001 my apologies
upvoted 5 times
...
Ramye
1 year, 3 months ago
but it also says "You need to enforce standards for new resources deployed to the subscription." so how do you enforce? that would be via policy
upvoted 1 times
...
...
Murtuza
1 year, 3 months ago
enforce = azure policy
upvoted 3 times
...
juanpe147
1 year, 4 months ago
in my opinion, if they are new elements, it should be a BluePrint instead an azure Policy
upvoted 3 times
...
Victory007
1 year, 8 months ago
Selected Answer: C
same as before.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago