ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-100 All Questions

View all questions & answers for the SC-100 exam
Go to Exam

Exam SC-100 topic 2 question 4 discussion

Actual exam question from Microsoft's SC-100
Question #: 4
Topic #: 2
[All SC-100 Questions]

Your company has an Azure subscription that has enhanced security enabled for Microsoft Defender for Cloud.
The company signs a contract with the United States government.
You need to review the current subscription for NIST 800-53 compliance.
What should you do first?

  • A. From Azure Policy, assign a built-in initiative that has a scope of the subscription.
  • B. From Microsoft Sentinel, configure the Microsoft Defender for Cloud data connector.
  • C. From Defender for Cloud, review the Azure security baseline for audit report.
  • D. From Microsoft Defender for Cloud Apps, create an access policy for cloud applications.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by prabhjot at Aug. 30, 2022, 6:07 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
PlumpyTumbler
Highly Voted 1 year, 7 months ago
Selected Answer: A
The given answer is probably the closest. In real life I'd add a regulatory compliance standard in Defender for Cloud. This question might be seen written another way where that is the answer. https://docs.microsoft.com/en-us/azure/defender-for-cloud/update-regulatory-compliance-packages#what-regulatory-compliance-standards-are-available-in-defender-for-cloud
upvoted 21 times
NinjaSchoolProfessor
9 months, 2 weeks ago
A - I agree that I'd probably use Defender for Cloud as the UI is much better, however this service simply doesn't do the work, rather it invokes the Azure Policy initiative which is then reported back to Defender for Cloud. https://learn.microsoft.com/en-us/azure/defender-for-cloud/policy-reference
upvoted 3 times
...
...
zpack
Most Recent 2 months, 3 weeks ago
Selected Answer: C
You need to do it via DfC, using policy blade to check policies assigned from DfC is not a good experience as policies are applied many times with different parameters. Plus the NIST controls will only be mapped under DfC.
upvoted 1 times
...
Itu2022
10 months, 2 weeks ago
was on exam 15/06/23
upvoted 4 times
...
zellck
11 months, 2 weeks ago
Selected Answer: A
A is the answer. https://learn.microsoft.com/en-us/azure/governance/policy/samples/nist-sp-800-53-r5
upvoted 3 times
...
AJ2021
1 year, 1 month ago
Selected Answer: A
A is correct
upvoted 2 times
...
Nappy123
1 year, 2 months ago
One keyword in the question is "review". Answer A would "assign" the policy initiative - not "review". Given that the company has Defender for Cloud, Answer C would be my choice.
upvoted 4 times
Toschu
1 year, 1 month ago
I thought the same, but it says for "the current subscription". Assigning an initiative directly to the mentioned subscription might be easier if there are several.
upvoted 1 times
...
...
TJ001
1 year, 3 months ago
Correct Answer.. It is policy initiative assignment .. can be done directly from Policy Blade or Insider Defender for Cloud..end of the day it is an Azure policy .. Correct Answer A
upvoted 2 times
...
Zstefanovic
1 year, 7 months ago
Selected Answer: A
A, built in policy to comply with that regulation
upvoted 2 times
...
tester18128075
1 year, 7 months ago
A is correct
upvoted 2 times
...
prabhjot
1 year, 8 months ago
ans seems correct ( azure policy) as in another option - Defender for Cloud, review the Azure security baseline for audit report. ( review it is mentioned not creating from custom policy )
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago