Home › Azure AZ-500 › cloudcomputing › az500defendersentinel › Which Azure governance service should a security…
Which Azure governance service should a security engineer use to define and assign policies (e.g. 'storage accounts must use HTTPS only') across many subscriptions?
AAzure Cache for Redis
BAzure Policy (with initiatives bundling multiple policies)
CAzure DNS
DManual quarterly excel sheets
Answer & Solution
Correct answer: B. Azure Policy (with initiatives bundling multiple policies)
Azure Policy + initiatives is Azure's compliance enforcement (per AZ-500 §4 governance). The other options aren't policy services.
Related questions
Which Azure feature should a security engineer use to BACK UP Key Vault keys + secrets + cWhich Azure Key Vault network setting should a security engineer enable to restrict accessWhich Microsoft Sentinel feature lets a security engineer automatically respond to incidenWhich Microsoft Sentinel feature lets a security engineer define KQL queries that automatiWhich Microsoft Sentinel feature lets a security engineer ingest data from Azure / MicrosoWhich Microsoft service is Azure's cloud-native SIEM + SOAR — ingesting logs from many souWhich Microsoft Defender for Cloud feature lets a security engineer connect AWS / GCP enviWhich Microsoft Defender for Cloud plan should a security engineer enable to detect SQL in