You have an Azure subscription that uses Microsoft Defender for Cloud. You have accounts for the following cloud services: • Alibaba Cloud • Amazon Web Services (AWS) • Google Cloud Platform (GCP) What can you add to Defender for Cloud?
Question 312
You have an Azure subscription. You plan to map an online infrastructure and perform vulnerability scanning for the following: • ASNs • Hostnames • IP addresses • SSL certificates What should you use?
Question 313
HOTSPOT - You have an Azure subscription that uses Microsoft Defender for Cloud. You plan to use the Secure Score Over Time workbook. You need to configure the Continuous export settings for the Defender for Cloud data. Which two settings should you configure? To answer, select the appropriate settings in the answer area. NOTE: Each correct selection is worth one point.
Question 314
You are troubleshooting a security issue for an Azure Storage account. You enable Azure Storage Analytics logs and archive it to a storage account. What should you use to retrieve the diagnostics logs?
Question 315
You have an Azure subscription that uses Microsoft Defender for Cloud. You have an Amazon Web Services (AWS) account. You need to ensure that when you deploy a new AWS Elastic Compute Cloud (EC2) instance, the Microsoft Defender for Servers agent installs automatically. What should you configure first?
Question 316
HOTSPOT - You have an Azure subscription that contains a Microsoft Defender External Attack Surface Management (Defender EASM) resource named EASM1. EAMS1 contains the inventory assets shown in the following table. Which assets are scanned daily, and which assets will display in the default dashboard charts? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Question 317
You have an Azure subscription that uses Microsoft Defender for Cloud. You have an Amazon Web Services (AWS) account named AWS1 that is connected to Defender for Cloud. You need to ensure that AWS1 uses AWS Foundational Security Best Practices. The solution must minimize administrative effort. What should you do in Defender for Cloud?
Question 318
HOTSPOT - You plan to deploy a custom policy initiative for Microsoft Defender for Cloud. You need to identify all the resource groups that have a Delete lock. How should you complete the policy definition? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Question 319
You are troubleshooting a security issue for an Azure Storage account. You enable Azure Storage Analytics logs and archive it to a storage account. What should you use to retrieve the diagnostics logs?
Question 320
You have an Azure subscription that contains a Microsoft Defender External Attack Surface Management (Defender EASM) resource named EASM1. You review the Attack Surface Summary dashboard. You need to identify the following insights: • Deprecated technologies that are no longer supported • Infrastructure that will soon expire Which section of the dashboard should you review?
