Answer A is correct.
Microsoft Cloud Security Posture Management (CSPM) is indeed a service that performs security assessments and can generate alerts when vulnerabilities are found.
Also right would be:
The Microsoft solution that performs security assessments and automatically generates alerts when a vulnerability is found is Microsoft Defender Vulnerability Management.
In https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-cloud-security-posture-management
MS says "One of Microsoft Defender for Cloud's main pillars is cloud security posture management (CSPM). CSPM provides detailed visibility into the security state of your assets and workloads, and provides hardening guidance to help you efficiently and effectively improve your security posture.
Defender for Cloud continually assesses your resources against security standards that are defined for your Azure subscriptions, AWS accounts, and GCP projects. Defender for Cloud issues security recommendations based on these assessments.
By default, when you enable Defender for Cloud on an Azure subscription, the Microsoft Cloud Security Benchmark (MCSB) compliance standard is turned on. It provides recommendations. Defender for Cloud provides an aggregated secure score based on some of the MCSB recommendations. The higher the score, the lower the identified risk level."
the word "alert" is not present in any KB relating to CSPM so i'm not sure that the right answer is "A"
Microsoft Sentinel, as a Security Information and Event Management (SIEM) solution, does not directly perform vulnerability assessments. However, it can integrate with vulnerability management solutions to ingest and analyze vulnerability data.
Maybe the right answer will be A. So while SIEM solutions also generate alerts, CSPM solutions are more specialized in assessing cloud security postures, identifying vulnerabilities, and automating alerts related to cloud-specific issues like misconfigurations.
Risk visualization and assessments are only two small parts of what CSPM can do for you. CSPM tools also perform incident responses, remediation recommendation, compliance monitoring, and DevOps integration to hybrid and multi-cloud environments/infrastructures. Some CSPM solutions help security teams to proactively connect weak spots in cloud environments and remediate them before a breach happens.
SIEM tools collect, aggregate, and analyze volumes of data from an organization’s applications, devices, servers, and users in real-time so security teams can detect and block attacks. SIEM tools use predetermined rules to help security teams define threats and generate alerts.
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.SC-900 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
chiliman
Highly Voted 1 year, 1 month agoGiuseppe_Geraci
8 months agochiliman
1 year, 1 month agoLegendaryZA
Most Recent 8 months, 1 week agoNoursBear
1 year agoNoursBear
1 year agotsummey
1 year agoMSMN91
1 year, 1 month agoMSMN91
1 year, 1 month agoMSMN91
1 year, 1 month ago