Answer-first summary for fast verification
Answer: Azure Active Directory (Azure AD) Privileged Identity Management (PIM), Microsoft Sentinel
Azure Active Directory (Azure AD) Privileged Identity Management (PIM) is a preventive control that establishes zero-trust and least privilege access, which helps to map roles to the minimum access levels needed. Microsoft Sentinel, although primarily a SIEM and SOAR solution, can also be onboarded to improve the security posture of your landing zone. It helps in monitoring and protecting your environment, which aligns with increasing the secure score. Preventive controls are proactive measures that aim to prevent security incidents from occurring, thus B and C are suitable preventive controls for increasing the secure score. Note that Azure Firewall and Azure Web Application Firewall (WAF) are more aligned with protecting specific network and application layers rather than general security improvements for landing zones.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
Your company is in the process of adopting cloud services and is focusing on preparing the necessary security measures for Azure landing zones. As part of this initiative, you are tasked with designing security features to enhance the secure score. Identify two preventative controls that can be implemented to achieve this goal. Each correct answer provides a full solution. NOTE: Each correct selection is worth one point.
A
Azure Web Application Firewall (WAF)
B
Azure Active Directory (Azure AD) Privileged Identity Management (PIM)
C
Microsoft Sentinel
D
Azure Firewall
E
Microsoft Defender for Cloud alerts