Microsoft Cybersecurity Architect Expert SC-100
Get started today
Ultimate access to all questions.
Ultimate access to all questions.
Your organization currently holds an Azure subscription that has implemented enhanced security measures via Microsoft Defender for Cloud. Recently, your company has entered into a contractual agreement with the United States government. As part of this new agreement, you are required to ensure that the existing Azure subscription is compliant with NIST Special Publication 800-53, which outlines the security and privacy controls for federal information systems and organizations. What is the initial step you should take to review the current subscription for NIST 800-53 compliance?
Explanation:
To review the current subscription for NIST 800-53 compliance, you should first assign a built-in initiative from Azure Policy with a scope of the subscription. Azure Policy provides a way to enforce and assess compliance with various regulatory standards including NIST 800-53 by using pre-defined initiatives. By assigning this built-in initiative, you can effectively evaluate and ensure that your resources comply with the required standards.