Microsoft AZ-120: What should you use to generate compliance report for ISO 27001?

Question

You are deploying an SAP production landscape to Azure. Your company’s chief information security officer (CISO) requires that the SAP deployment complies with ISO 27001. You need to generate a compliance report for ISO 27001. What should you use?

A. Azure Log Analytics
B. Azure Monitor
C. Azure Active Directory (Azure AD)
D. Azure Security Center

Answer

D. Azure Security Center

Explanation

The answer is D. Azure Security Center.

ISO 27001 is an international standard that specifies requirements for an information security management system. To comply with ISO 27001, organizations need to demonstrate that they have established controls to manage information security risks.

Azure Security Center is an Azure service that helps organizations comply with compliance standards like ISO 27001. It provides the following capabilities:

• Security policies – Security policies define the baselines that resources must comply with. Security policies can be configured for ISO 27001 compliance.
• Security assessments – Security assessments evaluate resources against the configured security policies and identify non-compliant resources.
• Compliance reports – Compliance reports show the compliance status of your environment against the configured security policies. These reports can be used to demonstrate ISO 27001 compliance.

The other options would not be suitable to generate an ISO 27001 compliance report:

A) Azure Log Analytics – Provides log collection and analytics but not compliance reporting.

B) Azure Monitor – Provides monitoring capabilities but not for compliance.

C) Azure Active Directory – Provides identity and access management but not compliance reporting.

To generate an ISO 27001 compliance report for your SAP deployment in Azure, you can:

1. Configure Azure Security Center with security policies based on ISO 27001 requirements
2. Run a security assessment to evaluate your SAP resources against the policies
3. Generate a compliance report from Azure Security Center to show the ISO 27001 compliance status of your SAP deployment

So in summary, Azure Security Center is the only Azure service listed that can generate an ISO 27001 compliance report by evaluating your resources against ISO 27001-based security policies and reporting on compliance status.

Reference

• ISO/IEC 27001 – Azure Compliance | Microsoft Learn
• Regulatory Compliance details for ISO 27001:2013 – Azure Policy | Microsoft Learn
• Regulatory compliance dashboard in Azure Security Center now available | Azure Blog | Microsoft Azure
• Compliance Document Finder | SAP Trust Center
• Azure compliance documentation | Microsoft Learn

Planning and Administering Microsoft Azure for SAP Workloads AZ-120 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Planning and Administering Microsoft Azure for SAP Workloads AZ-120 exam and earn Planning and Administering Microsoft Azure for SAP Workloads AZ-120 certification.