Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
the correct answer should be " C. Initiative1 and Initiative2 only " as ASC does not support the integration of policies as is, just initiatives (which is a set of policies)
I agree with this answer. From the link it says that "you can add your own custom initiatives" but in no one place it says that can add custom policy outside an initiative. And based on the options that the Security Policy inside ASC give us, and the answers given, the best one seems to be "Initiative1 and Initiative2 only"
the question is not asking for a custom policy, the given answer is correct, you can create a policy or a custom initiative - both using the ASC. Verified in the lab
please don't confuse yourself, if you look closely it is allowing you to add policies to your initiative, then it is the initiative (collection of policies) that you can add to your subscription.
D is correct. You can add custom policies already created.
https://docs.microsoft.com/en-us/azure/security-center/custom-security-policies?pivots=azure-portal
In the Add custom initiatives page, review the list of custom policies already created in your organization. If you see one you want to assign to your subscription, click Add.
D is correct:
An assignment is a policy definition or initiative that has been assigned to take place within a specific scope. This scope could range from a management group to an individual resource. The term scope refers to all the resources, resource groups, subscriptions, or management groups that the definition is assigned to. Assignments are inherited by all child resources. This design means that a definition applied to a resource group is also applied to resources in that resource group. However, you can exclude a subscope from the assignment.
Initiative is a set of policy definitions, it could have just one policy definition
ASC > Security Policy > Add custom initiatives
that is the only way to add custom policy or initiative to your subscription. I would have to go with D as well
Confirmed in the lab created an initiative in Azure Policy and was able to see that under the security policies standard, the custom policy I created is nowhere to be seen even if I click create a custom standard I could only see the buitin policies
I think it should be C
The required step to add a custom recomendation you need to create an Azure Policy and (as second step) a policy initiative
https://learn.microsoft.com/en-us/azure/defender-for-cloud/custom-security-policies?pivots=azure-portal#create-a-custom-recommendation
I don't know how they got the informationas ASC doesn't support policies but it is :
https://learn.microsoft.com/en-us/answers/questions/25743/what-is-a-security-policy-in-azure-security-center
Answer: C
Explanation:
Initiative1 and Initiative2 only " as ASC does not support the integration of policies as is, just initiatives (which
is a set of policies)
To identify which initiatives and policies you can add to Subscription1 using Azure Security Center, you need to consider that initiatives are a higher-level grouping of policies that are designed to achieve specific security goals. You can apply initiatives to your subscription, and these initiatives are composed of individual policies. Let's analyze the options:
Policy1 and Policy2 only: Initiatives are not mentioned in this option. Only individual policies are mentioned, so this option is not correct.
Initiative1 only: Initiative1 is mentioned, but Initiative2 is not mentioned. You should consider both initiatives for completeness.
Initiative1 and Initiative2 only: This option mentions both initiatives, which is correct.
Initiative1, Initiative2, Policy1, and Policy2: This option includes all initiatives and policies, which is correct.
Based on the above analysis, the correct answer is:
D. Initiative1, Initiative2, Policy1, and Policy2
On defender for cloud, in a security policy (it's like a defender for cloud "setting"/option on a management group, or a subscription, where you can):
- Assign policies directly to the default initiative
- Create and Assign Custom initiative, containing multiple policies.
So I would go with answer D.
Tested in Lab.
Answer is correct.
You can create custom initiatives and custom policies with category of "security center" or "my custom category".
Later from defender for cloud, you can select existing custom initiatives with any category, and then you can create a new custom initiative with the already created custom policies with both categories.
I would go with D:https://learn.microsoft.com/en-us/azure/governance/policy/overview#assignments
It says:
"An assignment is a policy definition or initiative that has been assigned to a specific scope. This scope could range from a management group to an individual resource. The term scope refers to all the resources, resource groups, subscriptions, or management groups that the definition is assigned to. "
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
D999999
Highly Voted 3 years, 1 month agojonav94
3 years agovj77
2 years, 8 months agozeesti
2 years, 5 months agoworkguan
2 years, 7 months agovijeet
3 years agoCyberbug2021
Highly Voted 3 years agoAlagong
Most Recent 1 week, 2 days agohfk2020
4 months, 2 weeks agohfk2020
4 months, 2 weeks agoManiMessner
5 months agorosef
5 months, 1 week agowardy1983
5 months, 2 weeks agoESAJRR
7 months, 1 week agoBigShot0
7 months, 2 weeks agoalfaAzure
8 months ago_fvt
8 months, 4 weeks agoheatfan900
9 months agoAlexbz
10 months, 1 week agoYesvanth1
10 months, 2 weeks agoServerBrain
1 year agomajstor86
1 year, 2 months agoCeliaZhou
1 year, 4 months agochikorita
1 year, 2 months ago