Exam SC-100 topic 4 question 25 discussion

B. Microsoft Defender for Cloud Microsoft Defender for Cloud (formerly known as Azure Security Center) is a comprehensive cloud security management system that helps you monitor and improve the security of your Azure resources. It provides continuous security assessment based on various compliance standards, including NIST CSF. It offers recommendations and best practices to help you align with the NIST CSF and other security frameworks. The other options (A, C, and D) have different purposes and are not specifically designed for evaluating compliance with NIST CSF

B. Microsoft Defender for Cloud Microsoft Defender for Cloud provides a comprehensive security management solution that helps you assess, detect, and respond to threats across your Azure environment. It includes built-in assessments based on industry standards, including the NIST Cybersecurity Framework, to ensure your resources comply with best practices.

Looks like purview is now the preferred way https://learn.microsoft.com/en-us/compliance/regulatory/offering-nist-csf#use-microsoft-purview-compliance-manager-to-assess-your-risk

https://learn.microsoft.com/en-us/azure/defender-for-cloud/regulatory-compliance-dashboard

B. Defender for Cloud "Defender for Cloud continually assesses the environment-in-scope against standards. Based on assessments, it shows in-scope resources as being compliant or noncompliant with the standard, and provides remediation recommendations." Source: https://learn.microsoft.com/en-us/azure/defender-for-cloud/update-regulatory-compliance-packages#add-a-regulatory-standard-to-your-dashboard

Ans is B, all-day!

While options A (Compliance Manager in Microsoft Purview) and D (Microsoft Defender for Cloud Apps) also offer security-related features, they are more focused on specific areas such as compliance management and application security, respectively. Option B (Microsoft Defender for Cloud) primarily focuses on protecting cloud workloads. However, for evaluating compliance with the NIST CSF across the Azure environment as a whole, Microsoft Sentinel is the most suitable choice.

B is the answer. https://learn.microsoft.com/en-us/azure/defender-for-cloud/regulatory-compliance-dashboard Microsoft Defender for Cloud helps streamline the process for meeting regulatory compliance requirements, using the regulatory compliance dashboard. Defender for Cloud continuously assesses your hybrid cloud environment to analyze the risk factors according to the controls and best practices in the standards that you've applied to your subscriptions. The dashboard reflects the status of your compliance with these standards. When you enable Defender for Cloud on an Azure subscription, the Microsoft cloud security benchmark is automatically assigned to that subscription. This widely respected benchmark builds on the controls from the Center for Internet Security (CIS), PCI-DSS and the National Institute of Standards and Technology (NIST) with a focus on cloud-centric security.

Regulatory Compliance Dashboard has the Azure compliance data. Compliance Manager aggregates this and Office 365 compliance data. For the question, RCD is more direct and actionable.

https://learn.microsoft.com/en-us/azure/defender-for-cloud/update-regulatory-compliance-packages#add-a-regulatory-standard-to-your-dashboard

https://learn.microsoft.com/en-us/azure/defender-for-cloud/review-security-recommendations

https://learn.microsoft.com/en-us/azure/defender-for-cloud/update-regulatory-compliance-packages#add-a-regulatory-standard-to-your-dashboard

it is the Compliance Manager in Microsoft Purview for sure https://learn.microsoft.com/en-us/compliance/regulatory/offering-nist-csf#use-microsoft-purview-compliance-manager-to-assess-your-risk

https://learn.microsoft.com/en-us/compliance/regulatory/offering-nist-csf

https://learn.microsoft.com/en-us/azure/defender-for-cloud/update-regulatory-compliance-packages https://learn.microsoft.com/en-us/azure/defender-for-cloud/regulatory-compliance-dashboard