You have a Microsoft 365 subscription and an Azure subscription. Microsoft 365 Defender and Microsoft Defender for Cloud are enabled.The Azure subscription contains 50 virtual machines. Each virtual machine runs different applications on Windows Server 2019.You need to recommend a solution to ensure that only authorized applications can run on the virtual machines. If an unauthorized application attempts to run or be installed, the application must be blocked automatically until an administrator authorizes the application.Which security control should you recommend?
Your company plans to provision blob storage by using an Azure Storage account. The blob storage will be accessible from 20 application servers on the internet.You need to recommend a solution to ensure that only the application servers can access the storage account.What should you recommend using to secure the blob storage?
Your company is developing a modern application that will un as an Azure App Service web app.You plan to perform threat modeling to identity potential security issues by using the Microsoft Threat Modeling Tool.Which type of diagram should you create?
Your company has an on-premises network and an Azure subscription.The company does NOT have a Site-to-Site VPN or an ExpressRoute connection to Azure.You are designing the security standards for Azure App Service web apps. The web apps will access Microsoft SQL Server databases on the network.You need to recommend security standards that will allow the web apps to access the databases. The solution must minimize the number of open internet- accessible endpoints to the on-premises network.What should you include in the recommendation?
You are creating an application lifecycle management process based on the Microsoft Security Development Lifecycle (SDL).You need to recommend a security standard for onboarding applications to Azure. The standard will include recommendations for application design, development, and deployment.What should you include during the application design phase?
You have an Azure subscription that has Microsoft Defender for Cloud enabled.Suspicious authentication activity alerts have been appearing in the Workload protections dashboard.You need to recommend a solution to evaluate and remediate the alerts by using workflow automation. The solution must minimize development effort.What should you include in the recommendation?
