- (Exam Topic 3)
Your company has an Azure subscription that has enhanced security enabled for Microsoft Defender for Cloud.
The company signs a contract with the United States government.
You need to review the current subscription for NIST 800-53 compliance. What should you do first?

1. A. From Defender for Cloud, review the secure score recommendations.
2. B. From Microsoft Sentinel, configure the Microsoft Defender for Cloud data connector.
3. C. From Defender for Cloud, review the Azure security baseline for audit report.
4. D. From Defender for Cloud, add a regulatory compliance standard.

Correct Answer: D
https://docs.microsoft.com/en-us/azure/defender-for-cloud/update-regulatory-compliance-packages#what-regula

- (Exam Topic 3)
You have an Azure subscription that has Microsoft Defender for Cloud enabled.
You are evaluating the Azure Security Benchmark V3 report as shown in the following exhibit.

You need to verify whether Microsoft Defender for servers is installed on all the virtual machines that run Windows. Which compliance control should you evaluate?

1. A. Data Protection
2. B. Incident Response
3. C. Posture and Vulnerability Management
4. D. Asset Management
5. E. Endpoint Security

Correct Answer: E
https://docs.microsoft.com/en-us/security/benchmark/azure/security-controls-v3-endpoint-security

- (Exam Topic 3)
You have an Azure subscription that has Microsoft Defender for Cloud enabled. You are evaluating the Azure Security Benchmark V3 report.
In the Secure management ports controls, you discover that you have 0 out of a potential 8 points.
You need to recommend configurations to increase the score of the Secure management ports controls. Solution: You recommend enabling just-in-time (JIT) VM access on all virtual machines.
Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A
https://docs.microsoft.com/en-us/security/benchmark/azure/security-controls-v3-privileged-access#pa-2-avoid-s

- (Exam Topic 3)
You have a Microsoft 365 subscription and an Azure subscription. Microsoft 365 Defender and Microsoft Defender for Cloud are enabled.
The Azure subscription contains 50 virtual machines. Each virtual machine runs different applications on Windows Server 2019.
You need to recommend a solution to ensure that only authorized applications can run on the virtual machines. If an unauthorized application attempts to run or be installed, the application must be blocked automatically until an administrator authorizes the application.
Which security control should you recommend?

1. A. app discovery anomaly detection policies in Microsoft Defender for Cloud Apps
2. B. adaptive application controls in Defender for Cloud
3. C. Azure Security Benchmark compliance controls m Defender for Cloud
4. D. app protection policies in Microsoft Endpoint Manager

Correct Answer: B
https://docs.microsoft.com/en-us/azure/defender-for-cloud/recommendations-reference#compute-recommendati

- (Exam Topic 2)
You need to recommend an identity security solution for the Azure AD tenant of Litware. The solution must meet the identity requirements and the regulatory compliance requirements.
What should you recommend? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.

Solution:


Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A