Learn which Azure resources like virtual networks, VMs, key vaults and storage accounts can be protected using Microsoft Defender for Cloud. Prepare for the AZ-500 certification exam with this practice question and detailed explanation.
Table of Contents
Question
You have an Azure subscription that contains the resources shown in the following table.
| Name | Description |
|---|---|
| VNet1 | Virtual network |
| VM1 | Linux virtual machine |
| Vault1 | Azure key vault |
| storage1 | Storage account |
You plan to implement Microsoft Defender for Cloud.
Which resources can be protected by using Defender for Cloud?
A. VM1 only
B. VM1 and storage1 only
C. Vault1 and storage1 only
D. VM1, Vault1, and storage1 only
E. VNet1, VM1, Vault1, and storage1
Answer
The correct answer is: D. VM1, Vault1, and storage1 only
Explanation
Microsoft Defender for Cloud can protect a variety of Azure resources, but not all resource types.
It can protect:
- Virtual machines (VMs) like VM1
- Databases
- Storage accounts like storage1
- Key vaults like Vault1
- App services
- Kubernetes clusters
- Container registries
- SQL servers
However, Defender for Cloud does not directly protect virtual networks like VNet1. It can monitor and secure resources within a virtual network, but the virtual network itself is not a protected resource type.
Therefore, of the resources listed, only the Linux VM (VM1), storage account (storage1), and key vault (Vault1) can be directly protected by enabling the relevant Defender for Cloud plans and features for those resource types. The virtual network (VNet1) cannot be directly protected.
To summarize:
- Microsoft Defender for Cloud can protect VMs, storage accounts, key vaults and several other Azure resource types
- It cannot directly protect virtual networks, although it secures resources within VNets
- For the resources listed in the question, only VM1, Vault1 and storage1 can be protected by Defender for Cloud, making D the correct answer
Microsoft AZ-500 certification exam assessment practice question and answer (Q&A) dump including multiple choice questions (MCQ) and objective type questions, with detail explanation and reference available free, helpful to pass the Microsoft AZ-500 exam and earn Microsoft AZ-500 certification.