SC-100 Question #106: Real Exam Question with Answer & Explanation

Question

You have a Microsoft 365 subscription and an Azure subscription. Microsoft 365 Defender and Microsoft Defender for Cloud are enabled. The Azure subscription contains 50 virtual machines. Each virtual machine runs different applications on Windows Server 2019. You need to recommend a solution to ensure that only authorized applications can run on the virtual machines. If an unauthorized application attempts to run or be installed, the application must be blocked automatically until an administrator authorizes the application. Which security control should you recommend?

Options

• Aapp discovery anomaly detection policies in Microsoft Defender for Cloud Apps
• Badaptive application controls in Defender for Cloud
• CAzure Security Benchmark compliance controls in Defender for Cloud
• Dapp protection policies in Microsoft Endpoint Manager

Explanation

Adaptive application controls are an intelligent and automated solution for defining allowlists of known-safe applications for your machines. Often, organizations have collections of machines that routinely run the same processes. Microsoft Defender for Cloud uses machine learning to analyze the applications running on your machines and create a list of the known-safe software. Allowlists are based on your specific Azure workloads, and you can further customize the recommendations using the instructions When you've enabled and configured adaptive application controls, you'll get security alerts if any application runs other than the ones you've defined as safe. https://docs.microsoft.com/en-us/azure/defender-for-cloud/adaptive-application-controls https://docs.microsoft.com/en-us/mem/intune/apps/app-protection-policy https://docs.microsoft.com/en-us/defender-cloud-apps/cloud-discovery-anomaly-detection-policy https://docs.microsoft.com/en-us/security/benchmark/azure/overview

No community discussion yet for this question.