QUESTION: 21 Exam Topic: Manage security operations questions

You have an Azure subscription that contains 100 virtual machines and has Azure Defender enabled.
You plan to perform a vulnerability scan of each virtual machine.
You need to deploy the vulnerability scanner extension to the virtual machines by using an Azure Resource Manager template.
Which two values should you specify in the code to automate the deployment of the extension to the virtual machines? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

the user-assigned managed identity
the workspace ID
the Azure Active Directory (Azure AD) ID
the Key Vault managed storage account key
the system-assigned managed identity
the primary shared key

Answer(s): B,E

Reveal Solution Next Question

QUESTION: 22 Exam Topic: Manage security operations questions

You have an Azure subscription that contains a user named Admin1 and a virtual machine named VM1. VM1 runs Windows Server 2019 and was deployed by using an Azure Resource Manager template. VM1 is the member of a backend pool of a public Azure Basic Load Balancer.
Admin1 reports that VM1 is listed as Unsupported on the Just in time VM access blade of Azure Security Center.
You need to ensure that Admin1 can enable just in time (JIT) VM access for VM1.
What should you do?

Create and configure a network security group (NSG).
Create and configure an additional public IP address for VM1.
Replace the Basic Load Balancer with an Azure Standard Load Balancer.
Assign an Azure Active Directory Premium Plan 1 license to Admin1.

Answer(s): A

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/security-center/security-center-just-in-time?tabs=jit-config-asc%2Cjit-request-asc

Reveal Solution Next Question

QUESTION: 23 Exam Topic: Manage security operations questions

HOTSPOT (Drag and Drop is not supported) (Drag and Drop is not supported)
You have an Azure Sentinel workspace that contains an Azure Active Directory (Azure AD) connector, an Azure Log Analytics query named Query1, and a playbook named Playbook1.
Query1 returns a subset of security events generated by Azure AD.
You plan to create an Azure Sentinel analytic rule based on Query1 that will trigger Playbook1.
You need to ensure that you can add Playbook1 to the new rule.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

See Explanation section for answer.

Answer(s): A

Explanation:

Reference:

https://docs.microsoft.com/en-us/azure/sentinel/tutorial-detect-threats-custom https://docs.microsoft.com/en-us/azure/sentinel/tutorial-respond-threats-playbook

Reveal Solution Next Question

QUESTION: 24 Exam Topic: Manage security operations questions

HOTSPOT (Drag and Drop is not supported) (Drag and Drop is not supported)
You have an Azure subscription that contains the resources shown in the following table.
An IP address of 10.1.0.4 is assigned to VM5. VM5 does not have a public IP address.
VM5 has just in time (JIT) VM access configured as shown in the following exhibit.
You enable JIT VM access for VM5.
NSG1 has the inbound rules shown in the following exhibit.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area: