SC-100 · Question #52
SC-100 Question #52: Real Exam Question with Answer & Explanation
The correct answer is B: Require PINs for critical operations.. You need to recommend which CONTROLS must be enabled to ENSURE that Azure Backup can be used to RESTORE the resources in the event of a successful ransomware attack. Whilst helpful for auditing purposes and detection of a malicious attack, monitoring configuration changes and ale
Question
You have an Azure subscription that contains virtual machines, storage accounts, and Azure SQL databases. All resources are backed up multiple times a day by using Azure Backup. You are developing a strategy to protect against ransomware attacks. You need to recommend which controls must be enabled to ensure that Azure Backup can be used to restore the resources in the event of a successful ransomware attack. Which two controls should you include in the recommendation? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
Options
- AUse Azure Monitor notifications when backup configurations change.
- BRequire PINs for critical operations.
- CPerform offline backups to Azure Data Box.
- DEncrypt backups by using customer-managed keys (CMKs).
- EEnable soft delete for backups.
Explanation
You need to recommend which CONTROLS must be enabled to ENSURE that Azure Backup can be used to RESTORE the resources in the event of a successful ransomware attack. Whilst helpful for auditing purposes and detection of a malicious attack, monitoring configuration changes and alerting after a change is made does not represent a CONTROL which ENSURES Azure Backup can be used to RESTORE the resources. https://docs.microsoft.com/en-us/azure/security/fundamentals/backup-plan-to-protect-against-
Topics
Community Discussion
No community discussion yet for this question.