ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-500 All Questions

View all questions & answers for the AZ-500 exam
Go to Exam

Exam AZ-500 topic 3 question 43 discussion

Actual exam question from Microsoft's AZ-500
Question #: 43
Topic #: 3
[All AZ-500 Questions]

You have an Azure subscription that contains an Azure Container Registry named Registry1. Microsoft Defender for Cloud is enabled in the subscription.
You upload several container images to Registry1.
You discover that vulnerability security scans were not performed.
You need to ensure that the container images are scanned for vulnerabilities when they are uploaded to Registry1.
What should you do?

  • A. From the Azure portal, modify the Pricing tier settings.
  • B. From Azure CLI, lock the container images.
  • C. Upload the container images by using AzCopy.
  • D. Push the container images to Registry1 by using Docker.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Rume at June 30, 2021, 11:44 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
w00t
Highly Voted 3 years, 8 months ago
Commenting again because I found this. Answer is A -- Follow this link for a good explanation. I think this question is missing a portion in it that the subscription uses Standard tiering: https://www.examtopics.com/discussions/microsoft/view/39932-exam-az-500-topic-2-question-48-discussion/
upvoted 16 times
ITFranz
4 months ago
There is anything in the question that states what subscription type. Hard to get the right answer. Thankyou w00t for the input.
upvoted 1 times
...
OpsecDude
2 years, 7 months ago
This question needs more context as you mentioned, they'd have mentioned the tier was Standard.
upvoted 3 times
...
JakeCallham
2 years, 8 months ago
Even without that info, the other answers dont make sense at all, this one at least does.
upvoted 7 times
...
...
JaiSharma
Highly Voted 3 years, 7 months ago
In exam today!
upvoted 10 times
...
schpeter_091
Most Recent 5 months, 1 week ago
Selected Answer: A
Support for answer 'A'. "The Basic tier of Azure Container Registry does not include vulnerability scanning. To enable vulnerability scanning for your container images, you need to be on the Standard tier or higher."
upvoted 1 times
...
91743b3
9 months, 1 week ago
On exam Aug 6 2024
upvoted 2 times
...
flafernan
1 year, 5 months ago
Selected Answer: A
Microsoft Defender for Cloud in its standard version does not have Defender for Kubernetes enabled. If you want your container images to be scanned when the images are uploaded, you will need to enable it and add this new “tier” to your monthly cost. https://learn.microsoft.com/pt-br/azure/defender-for-cloud/defender-for-kubernetes-introduction
upvoted 2 times
...
be9z
1 year, 6 months ago
The answer is A because fee tier for Microsoft Defender expires after 30 days, hence the vulnerability scanning will stop working. You will need to get a paid tier (standard)
upvoted 2 times
...
ESAJRR
1 year, 7 months ago
Selected Answer: A
A. From the Azure portal, modify the Pricing tier settings.
upvoted 1 times
...
majstor86
2 years, 2 months ago
Selected Answer: A
A. From the Azure portal, modify the Pricing tier settings.
upvoted 2 times
...
ligu
2 years, 2 months ago
Answer is correct.
upvoted 1 times
...
OrangeSG
2 years, 3 months ago
Selected Answer: A
Defender for Cloud offers basic, and many enhanced security features that can help protect your organization against threats and attacks. When you enable the enhanced security features (paid), Defender for Cloud can provide unified security management and threat protection across your hybrid cloud workloads, including: Container security features Container security features - Benefit from vulnerability management and real-time threat protection on your containerized environments. Charges are based on the number of unique container images pushed to your connected registry. After an image has been scanned once, you won't be charged for it again unless it's modified and pushed once more. Reference Basic and enhanced security features https://learn.microsoft.com/en-us/azure/defender-for-cloud/enhanced-security-features-overview
upvoted 1 times
...
gentos
3 years, 2 months ago
Selected Answer: A
Need to enable scanning for container registries from pricing tier.
upvoted 3 times
...
TonytheTiger
3 years, 7 months ago
## Exam Question - 17 Sept 2021 ##
upvoted 6 times
...
francis6170
3 years, 7 months ago
Got this in the AZ-500 exam (Sept 2021)!
upvoted 7 times
...
kakakayayaya
3 years, 8 months ago
Not C because: Azure Defender will then scan all images when they’re pushed to the registry, imported into the registry, or pulled within the last 30 days. https://docs.microsoft.com/en-us/azure/security-center/defender-for-container-registries-introduction
upvoted 1 times
kakakayayaya
3 years, 8 months ago
Answer A fists mostly but I don like the way how question presented by Microsoft.
upvoted 5 times
...
...
w00t
3 years, 8 months ago
Does anyone have proper insight as to why the answer is apparently "A"? I'm confused here.
upvoted 1 times
...
rsharma007
3 years, 9 months ago
Since in this case even with Azure Defender enabled, new images are not scanned, it could be that defender is currently setup with Container registry plan to "Off".
upvoted 2 times
...
epic13131
3 years, 9 months ago
How is it not C?
upvoted 1 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago