Answer-first summary for fast verification
Answer: Create a custom Azure Policy definition that specifies the approved VM images and assign this policy to the relevant scope (subscription or resource group)., Use Azure Blueprints to package the custom Azure Policy along with other artifacts to ensure consistent deployment and compliance across multiple subscriptions.
Creating a custom Azure Policy definition that specifies the approved VM images and assigning it to the appropriate scope is the most effective way to automatically enforce the use of approved images. This approach ensures compliance at the time of deployment and provides ongoing compliance reporting. Additionally, using Azure Blueprints to package this policy with other artifacts can further ensure consistency and compliance across multiple subscriptions, making it a comprehensive solution for large-scale environments. Manual processes and reminders are not scalable or reliable for enforcing compliance, and relying on default settings does not address specific organizational requirements.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
As the Azure administrator for your organization, you are tasked with ensuring that all new virtual machines (VMs) deployed across your Azure environment use only a specific set of approved images to maintain security and compliance standards. The solution must automatically enforce this requirement without manual intervention and should be scalable to accommodate future growth. Additionally, the solution must provide compliance reporting to audit VM deployments against the approved images. Which of the following approaches BEST meets these requirements? (Choose two options if option E is available.)
A
Implement a manual review process where each VM deployment is checked by an administrator to verify the image source before approval.
B
Create a custom Azure Policy definition that specifies the approved VM images and assign this policy to the relevant scope (subscription or resource group).
C
Rely on the default settings in Azure without creating any custom policies, assuming that all deployments will comply with organizational standards.
D
Send an email to all IT staff reminding them to use only approved images for VM deployments, without implementing any automated checks.
E
Use Azure Blueprints to package the custom Azure Policy along with other artifacts to ensure consistent deployment and compliance across multiple subscriptions.