nerdexam
ExamsAZ-500Questions#163
MicrosoftMicrosoft

AZ-500 · Question #163

AZ-500 Question #163: Real Exam Question with Answer & Explanation

The correct answer is A: Add the Microsoft Antimalware extension to VM1.. Explanation Adding the Microsoft Antimalware extension (Option A) directly resolves Azure Security Center's "Install endpoint protection solutions" recommendation because this extension deploys real-time antimalware protection on the VM, which is exactly what Security Center moni

Submitted by minji_kr· Mar 6, 2026Secure compute, storage, and databases

Question

You have an Azure virtual machine named VM1. From Azure Security Center, you get the following high-severity recommendation: "Install endpoint protection solutions on virtual machine". You need to resolve the issue causing the high-severity recommendation. What should you do?

Options

  • AAdd the Microsoft Antimalware extension to VM1.
  • BInstall Microsoft System Center Security Management Pack for Endpoint Protection on VM1.
  • CAdd the Network Watcher Agent for Windows extension to VM1.
  • DOnboard VM1 to Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).

Explanation

Explanation

Adding the Microsoft Antimalware extension (Option A) directly resolves Azure Security Center's "Install endpoint protection solutions" recommendation because this extension deploys real-time antimalware protection on the VM, which is exactly what Security Center monitors for and requires to clear the alert.

Why the distractors are wrong:

  • Option B (System Center Security Management Pack) is a monitoring/management tool for SCOM, not an endpoint protection solution that Azure Security Center recognizes as fulfilling this requirement.
  • Option C (Network Watcher Agent) is used for network monitoring and packet capture - it has nothing to do with antimalware or endpoint protection.
  • Option D (Microsoft Defender ATP/MDE) is an advanced threat detection and response platform, not the lightweight endpoint protection solution Security Center is recommending; while valuable, it doesn't directly resolve this specific recommendation in the same way.

Memory Tip: Think of it this way - Security Center is asking for antivirus/antimalware, and the Microsoft Antimalware extension is the native Azure answer. If the question mentions Security Center + "endpoint protection" + VM extension, always look for the Antimalware extension - it's the direct, Azure-native solution designed specifically for this scenario. The keyword "extension" in the answer is your clue it's a VM-level add-on, not a separate platform or tool.

Topics

#Azure Virtual Machines#Endpoint Protection#Azure Security Center#VM Extensions

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full AZ-500 PracticeBrowse All AZ-500 Questions