SC-100 · Question #301
SC-100 Question #301: Real Exam Question with Answer & Explanation
The correct answer is B: Microsoft Defender External Attack Surface Management (Defender EASM). The Defender CSPM plan utilizes the data collected through the Defender External Attack Surface Management integration to provide the following capabilities within the Defender for - Discover of all the internet facing cloud resources through the use of an outside-in scan. - Atta
Question
You have a multicloud environment that contains an Azure subscription, an Amazon Web Services (AWS) subscription, and a Google Cloud Platform (GCP) subscription. You plan to implement Cloud Security Posture Management (CSPM) by using Microsoft Defender for Cloud. You need to design a solution that will provide attack path analysis functionality for each subscription. What should you include in the solution?
Options
- Aregulatory compliance
- BMicrosoft Defender External Attack Surface Management (Defender EASM)
- Cagentless scanning
- DMicrosoft Cloud Security Benchmark (MCSB)
Explanation
The Defender CSPM plan utilizes the data collected through the Defender External Attack Surface Management integration to provide the following capabilities within the Defender for - Discover of all the internet facing cloud resources through the use of an outside-in scan. - Attack path analysis which finds all exploitable paths starting from internet exposed IPs. - Custom queries that correlate all internet exposed IPs with the rest of Defender for Cloud data in the cloud security explorer. https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-easm
Topics
Community Discussion
No community discussion yet for this question.