- (Exam Topic 3)
Select the answer that correctly completes the sentence.
Solution:
Microsoft Trust Center The Trust Center provides:
In-depth information about security, privacy, compliance offerings, policies, features, and practices across Microsoft cloud products.
Additional resources for each topic.
Links to the security, privacy, and compliance blogs and upcoming events. https://www.azureguru.org/explore-the-microsoft-trust-center/#:~:text=The%20Trust%20Center%20provides%3
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 1)
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Solution:
Box 1: Yes
You can use the same account to manage multiple subscriptions. You can create an additional subscription for your account in the Azure portal. You may want an additional subscription to avoid hitting subscription limits, to create separate environments for security, or to isolate data for compliance reasons.
Box 2: No
You cannot merge two subscriptions into a single subscription. However, you can move some Azure resources from one subscription to another. You can also transfer ownership of a subscription and change the billing type for a subscription.
Box 3: Yes
A company can have multiple subscriptions and store resources in the different subscriptions. However, a resource instance can exist in only one subscription.
References:
https://docs.microsoft.com/en-us/azure/cost-management-billing/manage/create-subscription
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 1)
You have a resource group named RG1.
You plan to create virtual networks and app services in RG1.
You need to prevent the creation of virtual machines only in RG1. What should you use?
Correct Answer:
D
Azure policies can be used to define requirements for resource properties during deployment and for already existing resources. Azure Policy controls properties such as the types or locations of resources.
Azure Policy is a service in Azure that you use to create, assign, and manage policies. These policies enforce different rules and effects over your resources, so those resources stay compliant with your corporate standards and service level agreements.
In this question, we would create a Azure policy assigned to the resource group that denies the creation of virtual machines in the resource group.
You could place a read-only lock on the resource group. However, that would prevent the creation of any resources in the resource group, not virtual machines only. Therefore, an Azure Policy is a better solution.
References:
https://docs.microsoft.com/en-us/azure/governance/policy/overview
- (Exam Topic 2)
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Solution:
References:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/lock-resources
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 1)
What should you use to evaluate whether your company's Azure environment meets regulatory requirements?
Correct Answer:
D
The Security Center blade from the Azure portal includes the ‘regulatory compliance dashboard’.
The regulatory compliance dashboard provides insight into your compliance posture for a set of supported standards and regulations, based on continuous assessments of your Azure environment.
In the Azure Security Center regulatory compliance blade, you can get an overview of key portions of your compliance posture with respect to a set of supported standards. Currently supported standards are Azure CIS, PCI DSS 3.2, ISO 27001, and SOC TSP.
In the dashboard, you will find your overall compliance score, and the number of passing versus failing assessments with each standard. You can now focus your attention on the gaps in compliance for a standard or regulation that is important to you.
References:
https://azure.microsoft.com/en-us/blog/regulatory-compliance-dashboard-in-azure-security-center-now-available