Exam SC-200 topic 2 question 28 discussion

Should Be Yes A https://docs.microsoft.com/en-us/azure/defender-for-cloud/quickstart-onboard-machines?pivots=azure-arc

You need both Azure Arc to see the VM and the LAW agent. Now, the agent can be automatically deployed after Azure Arc is deployed. Answer should be A) Yes.

Answer: A Automatic agent provisioning (Defender for Cloud uses Azure Arc to deploy the Log Analytics agent to your AWS instances) https://learn.microsoft.com/en-us/training/modules/connect-non-azure-machines-to-azure-defender/4-connect-aws-accounts

Enabling Azure Arc does not meet the objectives. Azure Defender for Cloud relies on Log Analytics agent to protect hybrid machines using Azure Defender for Cloud. Answer is B.

Yes, deploying Azure Defender and enabling auto-provisioning will allow you to monitor virtual machines across various cloud providers, including Amazon Web Services (AWS) and on-premises environments. However, enabling Azure Arc and onboarding the virtual machines to Azure Arc won't directly fulfill the goal of monitoring the virtual machines using Azure Defender. Azure Arc enables you to extend Azure services and management to any infrastructure, including AWS, on-premises, and other cloud providers. While Azure Defender can be used to protect resources onboarded to Azure Arc, simply enabling Azure Arc and onboarding the virtual machines won't automatically monitor them with Azure Defender. To monitor the Linux virtual machines on AWS using Azure Defender, you would typically need to deploy the appropriate agents or extensions on those machines to collect security-related data and send it to Azure Security Center for analysis. Then, Azure Defender will provide security insights and recommendations based on the collected data. Therefore, the solution provided does not meet the goal.

Enabling Azure Arc and onboarding virtual machines to Azure Arc does not directly meet the goal of monitoring virtual machines using Azure Defender. Azure Arc is a separate service that extends Azure management and services to any infrastructure, including on-premises servers and other cloud providers.

By ChatGPT the given answer is correct, so in B: "Azure Defender is a security service provided by Microsoft for Azure resources, and it is not designed to monitor or protect resources on other cloud platforms like AWS. To monitor virtual machines on AWS, you would typically use AWS-native services or third-party solutions."

From this link "https://docs.microsoft.com/en-us/azure/defender-for-cloud/quickstart-onboard-machines?pivots=azure-arc" "If you're connecting machines from other cloud providers, see Connect your AWS account or Connect your GCP project. The multicloud connectors for Amazon Web Services (AWS) and Google Cloud Platform (GCP) in Defender for Cloud transparently handle the Azure Arc deployment for you." Aso we need Azure RAc but MS Defender for Cloud will handle it for us by using multicloud connectors. Perfect wording again in one another Micsrosoft Exam !!!

Option B is the correct answer: No. Enabling Azure Arc and onboarding virtual machines to Azure Arc is not the correct way to monitor Linux virtual machines on Amazon Web Services (AWS) using Azure Defender. Azure Arc is primarily used for managing and monitoring resources in a hybrid environment, including on-premises and multi-cloud resources, but it doesn't specifically enable Azure Defender on virtual machines in AWS. To monitor virtual machines on AWS with Azure Defender, you would typically use the Azure Security Center for AWS, which provides integration between Azure Defender and AWS resources. Azure Arc would not directly achieve this goal.

as Linux not Correct

From Microsoft: Azure Arc-enabled servers lets you manage Windows and Linux physical servers and virtual machines hosted outside of Azure, on your corporate network, or other cloud provider. For the purposes of Azure Arc, these machines hosted outside of Azure are considered hybrid machines.

Since the question mentions 'Auto provisioning is enabled', Azure arc is able to do the task as Azure Arc is capable of 'automatic agent provisioning'.

Defender for Cloud leverages Azure Arc to simplify the on-boarding and security of virtual machines running in AWS and other clouds. This includes automatic agent provisioning, policy management, vulnerability management, embedded EDR, and much more. Keyword: automatic agent provisioning Source https://techcommunity.microsoft.com/t5/itops-talk-blog/step-by-step-how-to-connect-aws-machines-to-microsoft-defender/ba-p/3251096

the Question says that you need to monitor not connect if the question says you need to connect the VM on AWS to Azure Defender the answer will be yes but in this case even if I choose yes it will need to install Log Agent to monitor the VM So the Question Says I need to Monitor so enabling Azure Arc won't be the best choice so I go with B

ChatGPT says A too lol

A. Yes, this meets the goal. By enabling Azure Arc and onboarding the Linux virtual machines to Azure Arc, you can monitor them using Azure Defender

A is the way to go!