Answer-first summary for fast verification
Answer: Apply a CanNotDelete lock to the resource group to prevent deletion but allow modifications., Combine the application of a CanNotDelete lock with Azure Monitor alerts to notify administrators of any attempted deletion activities.
Applying a CanNotDelete lock to the resource group ensures that the resources cannot be accidentally deleted while still allowing for necessary modifications, thus maintaining operational flexibility. Combining this with Azure Monitor alerts (option E) enhances security by providing real-time notifications of any attempted deletion activities, offering an additional layer of protection. This approach optimally balances security with operational needs, making it the best solution under the given constraints.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Your organization is managing a critical Azure environment that includes a resource group containing production databases. To safeguard these resources, you need to implement a solution that prevents accidental deletion while allowing necessary modifications for operational flexibility. Considering the importance of minimizing downtime and ensuring compliance with internal policies, which of the following actions would BEST meet these requirements? (Choose two options if option E is available.)
A
Implement Azure Policy to enforce naming conventions and automatically apply tags to resources within the resource group.
B
Apply a CanNotDelete lock to the resource group to prevent deletion but allow modifications.
C
Apply a ReadOnly lock to the resource group to prevent both deletion and modification.
D
Use Azure Backup to create regular backups of the resource group and store them in a geographically redundant storage account.
E
Combine the application of a CanNotDelete lock with Azure Monitor alerts to notify administrators of any attempted deletion activities.
No comments yet.