Learn how to use Azure Security Center, a service that provides unified security management and threat protection, to implement adaptive application controls that help you control which applications can run on your virtual machines.
Question
Tradewind Traders has recently migrated some of its data and resources to Azure cloud services. Management wants to implement security that will limit the applications that can run on certain virtual machines. Which of the following approaches provides such a solution?
A. Implement an application control rule in Azure Security Center.
B. Connect the virtual machines to Azure Sentinel.
C. Administrators periodically review which applications are running on each VM by creating and running PowerShell scripts.
Answer
A. Implement an application control rule in Azure Security Center.
Explanation
With Azure Security Center, you can define a list of allowed applications to ensure that only applications you allow can run. Azure Security Center can also detect and block malware from being installed on your VMs.
The answer to the question is A. Implement an application control rule in Azure Security Center. Here is why:
Azure Security Center is a service that provides unified security management and threat protection for Azure resources and services. One of the features of Azure Security Center is adaptive application controls, which help you control which applications can run on your virtual machines. Adaptive application controls use machine learning to analyze the applications running on your virtual machines and create a list of the known-safe software. You can then enable and configure application control rules to allow only the applications that you have defined as safe. If any application other than the ones you have defined as safe runs, you will get a security alert.
The other options, connecting the virtual machines to Azure Sentinel and periodically reviewing the applications running on each VM by creating and running PowerShell scripts, are not correct because they do not provide a solution for limiting the applications that can run on certain virtual machines. Azure Sentinel is a cloud-native security information and event management (SIEM) and security orchestration, automation, and response (SOAR) solution that helps you collect, analyze, and respond to security incidents. PowerShell is a scripting language and command-line tool that allows you to automate tasks and manage systems. Neither of these approaches can help you define and enforce application control rules for your virtual machines.