You have an Azure subscription that contains a Log Analytics workspace. You need to enable just-in-time (JIT) VM access and network detections for Azure resources. Where should you enable Azure Defender?
"Enabling it at the workspace level doesn't enable just-in-time VM access, adaptive application controls, and network detections for Azure resources. In addition, the only Microsoft Defender plans available at the workspace level are Microsoft Defender for servers and Microsoft Defender for SQL servers on machines."
Reference: https://docs.microsoft.com/en-us/azure/defender-for-cloud/enable-enhanced-security
You can use Microsoft Defender for Cloud's just-in-time (JIT) access to protect your Azure virtual machines (VMs) from unauthorized network access.
Prerequisites: JIT requires Microsoft Defender for Servers Plan 2 to be enabled on the subscription.
https://learn.microsoft.com/en-us/azure/defender-for-cloud/just-in-time-access-usage#prerequisites
Just-in-time virtual machine access locks down machine ports to reduce the attack surface. To use this feature, Defender for Cloud must be enabled on the subscription.
source: https://learn.microsoft.com/en-us/azure/defender-for-cloud/plan-defender-for-servers-select-plan
It must be enabled at the Subscription level before it can be enabled at the resource level.
Tested in the "Secure Azure services and workloads with Microsoft Defender for Cloud regulatory compliance controls" Applied Skills Assessment
https://learn.microsoft.com/en-us/credentials/applied-skills/secure-azure-services-and-workloads-with-microsoft-defender-for-cloud-regulatory-compliance-controls/
Just-in-time virtual machine access locks down machine ports to reduce the attack surface. To use this feature, Defender for Cloud must be enabled on the subscription.
https://learn.microsoft.com/en-us/azure/defender-for-cloud/plan-defender-for-servers-select-plan#plan-features:~:text=Just%2Din%2Dtime%20virtual%20machine%20access%20locks%20down%20machine%20ports%20to%20reduce%20the%20attack%20surface.%20To%20use%20this%20feature%2C%20Defender%20for%20Cloud%20must%20be%20enabled%20on%20the%20subscription.
You can protect an entire Azure subscription with Azure Defender and the protections will be inherited by all resources within the subscription.
upvoted 2 times
...
This section is not available anymore. Please use the main Exam Page.SC-200 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Daniel9527
Highly Voted 3 years, 4 months agoMalik2165
Highly Voted 3 years, 6 months agoamsioso
2 years, 9 months agoamsioso
2 years, 9 months agoNikki0222
Most Recent 7 months, 2 weeks agoVeiN
7 months, 2 weeks agotalosDevbot
8 months, 2 weeks agoMS_KoolaidMan
1 year, 5 months agochepeerick
1 year, 7 months agoasterlvdw
1 year, 9 months agoAdom3730
2 years agoTiredofTesting
2 years, 5 months agoTx4free
3 years, 3 months agoAnonymousJhb
3 years, 2 months agoEltooth
3 years, 9 months agoHSBNZ
3 years, 9 months ago