Microsoft Cybersecurity Architect Expert SC-100

Get started today

Ultimate access to all questions.

Quick Answer

Answer-first summary for fast verification

Answer: Integrate Azure Policy with Azure Monitor and Azure Security Center to not only enforce compliance with the CIS Azure Foundations benchmark but also to enable real-time monitoring, alerting, and automated remediation of any security or compliance issues.

Option D is the most comprehensive and effective solution as it combines the enforcement of compliance standards with real-time monitoring, alerting, and remediation capabilities. This approach ensures that the application not only adheres to the required security and compliance standards but also addresses any issues promptly through automation. Options A, B, and C, while useful, lack the real-time monitoring and automated remediation features that are critical for maintaining continuous compliance and security in a dynamic cloud environment.

Author: LeetQuiz Editorial Team

Quick Answer

Answer-first summary for fast verification

Author: LeetQuiz Editorial Team

Comments (0)

No comments yet.

As a Microsoft Cybersecurity Architect, you are designing a comprehensive security and compliance strategy for a cloud-native application hosted on Azure. The application leverages Azure Kubernetes Service (AKS) for container orchestration, Azure SQL Database for data storage, and Azure Storage for blob data. Your strategy must enforce security and compliance controls across these services, ensuring adherence to the Center for Internet Security (CIS) Azure Foundations benchmark. Additionally, the solution must provide real-time monitoring, alerting, and remediation capabilities to address any compliance deviations promptly. Which of the following approaches BEST meets these requirements? (Choose one option)

Simulated

Develop custom Azure Policy definitions tailored specifically for AKS, Azure SQL Database, and Azure Storage to enforce encryption, network security configurations, and access controls, without integrating with any monitoring tools.

25.0%

Assign built-in Azure Policy initiatives focused on compliance with the CIS Azure Foundations benchmark to the application's resource group, but do not implement any real-time monitoring or alerting mechanisms.

25.0%

Utilize Azure Policy solely for auditing and reporting purposes to track compliance status over time, without enabling any automatic remediation or real-time alerting features.

25.0%

Integrate Azure Policy with Azure Monitor and Azure Security Center to not only enforce compliance with the CIS Azure Foundations benchmark but also to enable real-time monitoring, alerting, and automated remediation of any security or compliance issues.