Exam SC-200 topic 5 question 2 discussion

Correct Answer A, E A: Microsoft Defender for Resource Manager handles (exploitation toolkits, operations from Malicious IP, Exposed secrets) https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-resource-manager-introduction E: Microsoft Defender for DevOps handle (vulnerabilities within application source code) https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-devops-introduction

I think correct. https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-resource-manager-introduction#what-are-the-benefits-of-microsoft-defender-for-resource-manager https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-devops-introduction

A: Declarative templates (ARM) and malicious IPs: https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-resource-manager-introduction E: Source code and exposed secrets: https://learn.microsoft.com/en-us/azure/defender-for-cloud/iac-vulnerabilities https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-devops-introduction

Correct Answers: E. Microsoft Defender for DevOps: This service directly mitigates vulnerabilities within the application source code, exploitation toolkits in declarative templates, and exposed secrets. B. Microsoft Defender for DNS: This service helps mitigate operations from malicious IP addresses by monitoring DNS traffic for signs of malicious activity.

Microsoft Defender for App Service: This service helps protect your web applications by monitoring for common web app attacks and identifying emerging threats. Microsoft Defender for Servers: It helps defend against vulnerabilities, malware, and other threats targeting servers in your environment.

To mitigate the specified risks using Microsoft Defender for Cloud, you should use the following services: Microsoft Defender for Resource Manager (Azure Defender): This service provides protection against vulnerabilities within the application source code and exploitation toolkits in declarative templates. It helps secure your Azure resources by identifying and remediating security issues. Azure Defender integrates with Azure Security Center and provides advanced threat protection for Azure resources Microsoft Defender for App Service: This service helps protect your web applications hosted on Azure App Service. It can detect and block malicious traffic, including operations from malicious IP addresses. By securing your App Service, you reduce the risk of exposure to attacks and unauthorized access

To mitigate the risks you’ve mentioned, you should use: C. Microsoft Defender for App Service: This service provides protection against vulnerabilities within the application source code and operations from malicious IP addresses. It also helps in identifying and mitigating exposed secrets. E. Microsoft Defender for DevOps: This service helps in scanning your declarative templates for exploitation toolkits and other potential vulnerabilities. It also helps in identifying and mitigating exposed secrets in your DevOps pipeline. So, the correct answers are C and E. Each of these services addresses different aspects of your security needs and together they provide a comprehensive solution. Remember, security is a multi-layered approach and often requires multiple services working together to provide the best protection.