Answer-first summary for fast verification
Answer: From Azure Backup, configure multi-user authorization by using Resource Guard.
The correct answer is A. Multi-user authorization by using Resource Guard is the recommended approach to ensure critical backup operations are protected from compromised administrator accounts. Resource Guard enables additional layers of protection by requiring multiple users or separate authorizations to perform critical actions such as disabling soft delete, stopping, and deleting backups, or reducing retention of backup policies. This is in accordance with Microsoft Security Best Practices.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You manage an Azure Active Directory (Azure AD) tenant that synchronizes with an on-premises Active Directory Domain Services (AD DS) domain. Within your on-premises datacenter, you have 100 Windows Server machines whose backups are managed using Microsoft Azure Backup Server (MABS). As part of your cybersecurity strategy, particularly concerning ransomware attack mitigation, you are designing a recovery plan that adheres to Microsoft Security Best Practices. Your goal is to ensure that if an administrator account is compromised, it cannot be used to delete the backups. What measure should you take to accomplish this?
A
From Azure Backup, configure multi-user authorization by using Resource Guard.
B
From Microsoft Azure Backup Setup, register MABS with a Recovery Services vault.
C
From a Recovery Services vault, generate a security PIN for critical operations.
D
From Azure AD Privileged Identity Management (PIM), create a role assignment for the Backup Contributor role.
No comments yet.