Practice Test 4 | Microsoft Azure Security Technologies | AZ-500 | Dumps | Mock Test

Correct Answers: B and D

• Option B is Correct because You should modify the ISO/IEC 27001:2013 initiative assignment. During the assignment process, you have to set the option Create a remediation task to Yes. Your existing vulnerable resources will only be evaluated if this is set to Yes. Newly created resources are always evaluated. The assigned policy initiative then evaluates your existing Azure resources according to the business rules defined in the policy initiative and creates a remediation task in Microsoft Defender for Cloud’s recommendations.
• Option D is Correct because You should also review security recommendations in Microsoft Defender for Cloud and remediate your vulnerable resources if any.
• Option A is Incorrect because You should not create a custom Policy Initiative definition. To simplify management, multiple security policies can be grouped together into an Initiative. After an Initiative is defined, it has to be assigned to a resource. Only Initiative assignment enforces the defined rules on a resource. Creating an Initiative definition does not meet the goal
• Option C is Incorrect because You should not create a custom security Policy definition. Security policy definitions are definitions of business rules, described in JSON format. After a Policy is defined, it has to be assigned to a resource. Only the assignment enforces the policy (business rules) on the respective resource. Creating a custom Policy definition does not meet the goal.

Reference:

• ISO/IEC 27001:2013 Information Security Management Standards – Microsoft Compliance | Microsoft Learn