Which Azure App Service Plans Support Microsoft Defender?
Prepare for the AZ-500 exam by learning which Azure App Service plans are required for Advanced Threat Protection. Discover why Microsoft Defender for App Service needs dedicated machines and which tiers are supported.
Question
Advanced Threat Protection in Security Center can be enabled for an App Service plan only if the plan is associated with dedicated machines.
A. FALSE
B. TRUE
Answer
B. TRUE
Explanation
Only App Services associated with dedicated machines can be enabled for advanced threat protection. Security Center doesn’t support the Free, Shared, or Consumption plans.
The statement is true because Advanced Threat Protection for App Service, now known as Microsoft Defender for App Service, requires dedicated compute resources to function. This feature provides threat detection by monitoring the underlying virtual machines, sandboxes, and logs associated with your App Service plan. This level of inspection and data collection is only possible on plans where you are allocated dedicated infrastructure.
- Supported Plans: Microsoft Defender for App Service is supported on plans that run on dedicated virtual machine instances. These include the Basic, Standard, Premium, and Isolated tiers. These tiers provide the necessary environment for Defender for Cloud to collect detailed security telemetry.
- Unsupported Plans: The Free and Shared plans are multi-tenant environments where resources are shared among different customers. This architecture does not permit the level of isolated monitoring required for threat detection. The Consumption plan, used for serverless functions, also operates on shared, dynamically allocated infrastructure and is therefore not supported.
Microsoft Certified Azure Security Engineer Associate AZ-500 certification exam assessment practice question and answer (Q&A) dump including multiple choice questions (MCQ) and objective type questions, with detail explanation and reference available free, helpful to pass the Microsoft Certified Azure Security Engineer Associate AZ-500 exam and earn Microsoft Certified Azure Security Engineer Associate AZ-500 certification.