Shouldn't the answer be management group?
Azure policy enforces compliance but doesn't manage it.
If your organization has many subscriptions, you may need a way to efficiently manage access, policies, and compliance for those subscriptions.
https://docs.microsoft.com/en-us/azure/governance/management-groups/overview
Azure Policy helps to enforce organizational standards and to assess compliance at-scale.
https://docs.microsoft.com/en-us/azure/governance/policy/overview
C is correct.
https://docs.microsoft.com/en-us/azure/governance/management-groups/overview
"If your organization has many subscriptions, you may need a way to efficiently manage access, policies, and compliance for those subscriptions. Azure management groups provide a level of scope above subscriptions. You organize subscriptions into containers called "management groups" and apply your governance conditions to the management groups. All subscriptions within a management group automatically inherit the conditions applied to the management group. Management groups give you enterprise-grade management at a large scale no matter what type of subscriptions you might have.....
For example, you can apply POLICIES to a management group that limits the regions available for virtual machine (VM) creation. This policy would be applied to all management groups, subscriptions, and RESOURES under that management group by only allowing VMs to be created in that region."
Question is about "manage the COMPLIANCE of Azure RESOURCES", so Azure Policy is correct.
I think it is Management Groups because as per the question it is just asking what provides the ability to manage the compliance of Azure resources across multiple subscriptions. The subscriptions have not been grouped into management groups. You would need to do that first in order to be able to then apply the policy.
when it comes to managing compliance across multiple Azure subscriptions, Azure Management Groups play a critical role in structuring and applying policies at scale, while Azure Policy is used to define and enforce specific rules
Azure Policy is a service that allows organizations to enforce compliance requirements and assess the compliance of Azure resources. While Azure Policy is instrumental in enforcing compliance rules within individual Azure subscriptions, it doesn't inherently provide the capability to manage compliance across multiple subscriptions.
On the other hand, management groups in Azure provide a hierarchical structure that enables organizations to manage access, policies, and compliance across multiple Azure subscriptions. By assigning policies at the management group level, organizations can ensure consistent enforcement of compliance requirements across all subscriptions within that management group hierarchy.
Azure Policy evaluates resources and actions in Azure by comparing the properties of those resources to business rules. These business rules, described in JSON format, are known as policy definitions. To simplify management, several business rules can be grouped together to form a policy initiative (sometimes called a policySet). Once your business rules have been formed, the policy definition or initiative is assigned to any scope of resources that Azure supports, such as management groups, subscriptions, resource groups, or individual resources. The assignment applies to all resources within the Resource Manager scope of that assignment. Subscopes can be excluded, if necessary
let see Microsoft employee answer:
https://learn.microsoft.com/en-us/answers/questions/720850/azure-policy-and-management
The answer is: Management groups.
The key term in this context is “Azure Resources.” Management groups can be used to manage access, policies, and compliance for subscriptions at the subscription level. However, Azure Policy can be applied at the resource level, subscription level, and management group level. Therefore, since the question pertains to Azure resources specifically, Azure Policy would be the most appropriate choice.
Management Groups is the answer.
Management groups
Management groups can provide organizations with the ability to manage the compliance of Azure resources across multiple subscriptions.
This sentence “Across multiple subscriptions” made me go with Management groups.
Repeat #410
"Management Groups" is the answer.
https://learn.microsoft.com/en-us/azure/governance/management-groups/overview
If your organization has many Azure subscriptions, you may need a way to efficiently manage access, policies, and compliance for those subscriptions. Management groups provide a governance scope above subscriptions. You organize subscriptions into management groups; the governance conditions you apply cascade by inheritance to all associated subscriptions.
This section is not available anymore. Please use the main Exam Page.AZ-900 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
JayRee
Highly Voted 4 years, 1 month agoe3ddceb
9 months, 3 weeks agodayotee
1 year agoHarryGrantolosi
4 years, 1 month agoashraj97
3 years, 6 months agoclouddba
Highly Voted 3 years, 10 months agoCertKid
3 years, 7 months ago[Removed]
3 years, 1 month agoblkrn2828
Most Recent 8 months, 1 week agoShruti2024
8 months, 1 week ago126e81f
8 months, 2 weeks agoe3ddceb
9 months, 3 weeks agoPayu1994
1 year agoWebcatman
1 year, 1 month agoicebreak
1 year, 3 months agomirzada
1 year, 3 months agogfalconx
1 year, 5 months agoNguyen25183
1 year, 10 months agoSa_Msa
2 years agoRohit2023
2 years, 2 months agoDavid_yang
2 years, 3 months agozellck
2 years, 3 months agozellck
2 years, 3 months ago