Microsoft Cybersecurity Architect Expert SC-100
Get started today
Ultimate access to all questions.
Ultimate access to all questions.
You have an Azure subscription along with an on-premises datacenter which houses 100 servers running Windows Server. These servers are currently backed up to a Recovery Services vault using Azure Backup and the Microsoft Azure Recovery Services (MARS) agent. Your task is to design a recovery solution specifically for ransomware attacks that encrypt the on-premises servers. The solution must comply with Microsoft Security Best Practices and safeguard against the following risks:
What should you use for each risk? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Explanation:
For the first risk, 'A compromised administrator account used to delete the backups from Azure Backup before encrypting the servers,' enabling Soft Delete ensures that even if backups are deleted, they are retained for an additional 14 days, allowing recovery without data loss. For the second risk, 'A compromised administrator account used to disable the backups on the MARS agent before encrypting the servers,' using Multi-user authorization by leveraging Resource Guard ensures that critical operations such as disabling backups require authorization from multiple users, mitigating the risk of a single compromised account causing damage.