Microsoft Azure Fundamentals AZ-900
Get started today
Ultimate access to all questions.
As the Azure administrator for your organization, you are tasked with ensuring that all new virtual machines (VMs) deployed across your Azure environment use only a specific set of approved images to maintain security and compliance standards. The solution must automatically enforce this requirement without manual intervention and should be scalable to accommodate future growth. Additionally, the solution must provide compliance reporting to audit VM deployments against the approved images. Which of the following approaches BEST meets these requirements? (Choose two options if option E is available.)
As the Azure administrator for your organization, you are tasked with ensuring that all new virtual machines (VMs) deployed across your Azure environment use only a specific set of approved images to maintain security and compliance standards. The solution must automatically enforce this requirement without manual intervention and should be scalable to accommodate future growth. Additionally, the solution must provide compliance reporting to audit VM deployments against the approved images. Which of the following approaches BEST meets these requirements? (Choose two options if option E is available.)
Explanation:
Creating a custom Azure Policy definition that specifies the approved VM images and assigning it to the appropriate scope is the most effective way to automatically enforce the use of approved images. This approach ensures compliance at the time of deployment and provides ongoing compliance reporting. Additionally, using Azure Blueprints to package this policy with other artifacts can further ensure consistency and compliance across multiple subscriptions, making it a comprehensive solution for large-scale environments. Manual processes and reminders are not scalable or reliable for enforcing compliance, and relying on default settings does not address specific organizational requirements.