Exam AZ-500 topic 4 question 99 discussion

To assign an Azure policy for the Azure CIS 1.4.0 standard: 1. Go to the Azure portal. 2. Click Security Center. 3. Click Regulatory compliance. 4. Click Add standard. 5. Select Azure CIS 1.4.0 and click Add. 6. Select the scope of the policy and click Assign. The question is about 'What should you do first', so do the 'add' before 'assign'.

A is correct. However, Azure policy is confusing. On MDC, the name is security policy.

Manually add the Azure CIS 1.4.0 standard. Its not added by default. By default, there are: PCI DSS, ISO 27001, SOC TSP and Microsoft Cloud Security Benchmark.

Manually add the Azure CIS 1.4.0 standard. Its not added by default.

#6 From the Add regulatory compliance standards page, you can search for any of the available standards: Screenshot showing adding regulatory standards to regulatory compliance dashboard. #7 Select Add and enter all the necessary details for the specific initiative such as scope, parameters, and remediation. https://learn.microsoft.com/en-us/azure/defender-for-cloud/update-regulatory-compliance-packages

THE STATNDARDS ARE ASSIGNED TO THE SECURITY POLICY. SOME EVEN COME ASSIGNED BY DEFAULT. YOU ASSIGN A POLICY BEFORE YOU CAN MANUALLY ADD THE STANDARD. (A) IS CORRECT.

C. Manually add the Azure CIS 1.4.0 standard Azure CIS 1.4.0 standard is not added by default, you have to add it manually. Note: You must have Defender Cloud Security Posture Management (CSPM). Foundational CSPM propably is not enough.

Manually add the Azure CIS 1.4.0 standard.

A. Is correct

A. Similar question appeared before