Practice free →
HomeAzure AZ-305cloudcomputingaz305identitygov › Which Azure governance feature should an archite…

Which Azure governance feature should an architect recommend to enforce constraints across the entire tenant (e.g. 'no resources outside India regions', 'no public IPs on storage accounts')?

APer-resource manual reviews each quarter
BAzure Policy (assigned at management-group or subscription scope) with definitions like 'Allowed Locations' and built-in security baselines
CAzure DNS
DAzure Bastion
Answer & Solution
Correct answer: B. Azure Policy (assigned at management-group or subscription scope) with definitions like 'Allowed Locations' and built-in security baselines
Azure Policy enforces compliance at scale (per AZ-305 §1 governance). The other options aren't policy services.
Solve this in the app — Azure AZ-305 practice & 24k+ MCQs →
Related questions