SC-100 · Question #113
SC-100 Question #113: Real Exam Question with Answer & Explanation
The correct answer is A: From Azure Policy, assign a built-in initiative that has a scope of the subscription.. {"question_number": 3, "correct_answer": "A", "explanation": "The correct first step is to assign a built-in Azure Policy initiative for NIST SP 800-53. Azure Policy includes a built-in regulatory compliance initiative called 'NIST SP 800-53 Rev. 5' that, when assigned to the sub
Question
Your company has an Azure subscription that has enhanced security enabled for Microsoft Defender for Cloud. The company signs a contract with the United States government. You need to review the current subscription for NIST 800-53 compliance. What should you do first?
Options
- AFrom Azure Policy, assign a built-in initiative that has a scope of the subscription.
- BFrom Microsoft Sentinel, configure the Microsoft Defender for Cloud data connector.
- CFrom Defender for Cloud, review the Azure security baseline for audit report.
- DFrom Microsoft Defender for Cloud Apps, create an access policy for cloud applications
Explanation
{"question_number": 3, "correct_answer": "A", "explanation": "The correct first step is to assign a built-in Azure Policy initiative for NIST SP 800-53. Azure Policy includes a built-in regulatory compliance initiative called 'NIST SP 800-53 Rev. 5' that, when assigned to the subscription, automatically evaluates resources against NIST controls and generates a compliance report. Microsoft Sentinel (B) is for SIEM/SOAR, not compliance reporting. The Azure security baseline audit report (C) maps to the Azure Security Benchmark, not NIST specifically. Defender for Cloud Apps (D) manages cloud app access policies, not regulatory compliance assessments.", "generated_by": "claude-sonnet", "llm_judge_score": 4}
Topics
Community Discussion
No community discussion yet for this question.