Microsoft Cybersecurity Architect Expert SC-100
Get started today
Ultimate access to all questions.
You are managing an environment with both a Microsoft 365 subscription and an Azure subscription. In this setup, Microsoft 365 Defender is active and Microsoft Defender for Cloud is also enabled. Your Azure subscription includes 50 virtual machines, and each of these VMs runs different applications on Windows Server 2019. Your goal is to ensure that only applications that have been approved can run on these virtual machines. If an unauthorized application tries to run or gets installed, it should be blocked automatically until the application is approved by an administrator. Which security control would you recommend to achieve this?
You are managing an environment with both a Microsoft 365 subscription and an Azure subscription. In this setup, Microsoft 365 Defender is active and Microsoft Defender for Cloud is also enabled. Your Azure subscription includes 50 virtual machines, and each of these VMs runs different applications on Windows Server 2019. Your goal is to ensure that only applications that have been approved can run on these virtual machines. If an unauthorized application tries to run or gets installed, it should be blocked automatically until the application is approved by an administrator. Which security control would you recommend to achieve this?
Explanation:
Adaptive application controls in Defender for Cloud are an intelligent and automated solution for defining allowlists of known-safe applications for your machines. Although it doesn't currently offer enforcement options to automatically block applications until an administrator authorizes them, it is the closest option available among the provided choices. It helps by generating security alerts if any unauthorized application runs, which allows administrators to take appropriate actions. Other provided options do not specifically cater to managing application execution policies on virtual machines.