HOTSPOT -
You open Microsoft Defender for Cloud as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Hot Area:
Box 1: Azure Web Application Firewall (WAF)
Restrict unauthorized network access control: 1 resource out of 11 needs to be addresses.
Restrict unauthorized network access - Azure offers a suite of tools designed to ensure accesses across your network meet the highest security standards.
Use these recommendations to manage Defender for Cloud's adaptive network hardening settings, ensure you've configured Azure Private Link for all relevant
PaaS services, enable Azure Firewall on your virtual networks, and more.
Note: Azure Web Application Firewall (WAF) is an optional addition to Azure Application Gateway.
Azure WAF protects inbound traffic to the web workloads, and the Azure Firewall inspects inbound traffic for the other applications. The Azure Firewall will cover outbound flows from both workload types.
Incorrect:
Not network security groups (NSGs).
Box 2: Microsoft Defender for servers
Enable endpoint protection - Defender for Cloud checks your organization's endpoints for active threat detection and response solutions such as Microsoft
Defender for Endpoint or any of the major solutions shown in this list.
When an Endpoint Detection and Response (EDR) solution isn't found, you can use these recommendations to deploy Microsoft Defender for Endpoint (included as part of Microsoft Defender for servers).
Incorrect:
Not Microsoft Defender for Resource Manager:
Microsoft Defender for Resource Manager does not handle endpoint protection.
Microsoft Defender for Resource Manager automatically monitors the resource management operations in your organization, whether they're performed through the Azure portal, Azure REST APIs, Azure CLI, or other Azure programmatic clients. Defender for Cloud runs advanced security analytics to detect threats and alerts you about suspicious activity.
Reference:
https://docs.microsoft.com/en-us/azure/defender-for-cloud/secure-score-security-controls
Selection 1: NSG Selection 2: Microsoft Defender for servers
NSGs: https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/security-control-restrict-unauthorized-network-access/ba-p/1593833
Question in the exam today 19/05/2023
What were your selections?
please if you dont have the right answers do not type anything.
That was not very nice
I'd have selected WAF but i can see it is under "Protect applications against DDoS attacks" recommendations. NSG is the right for 1st box and MDfS is correct. REF: https://learn.microsoft.com/en-us/azure/defender-for-cloud/secure-score-security-controls?branch=main#security-controls-and-their-recommendations
1. NSG 2. Microsoft Defender for servers https://learn.microsoft.com/en-us/azure/defender-for-cloud/secure-score-security-controls#security-controls-and-their-recommendations
WAF is incorrect as it only affects level 7 layer of HTTP protocol
NSG https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/security-control-restrict-unauthorized-network-access/ba-p/1593833
NSG:Unautorised Network access can be prevented by NSG Microsoft Defender for Server
Box1: NSG Box2: Microsoft Defender for servers
Selection 1: NSG Selection 2: Microsoft Defender for servers Explanation: Question 85 https://www.youtube.com/watch?v=_DvisTemjGQ&list=PLQ2ktTy9rklhzzkSEZvDZT4QSIVUQZD-Y&index=6
1. nsg - ref. 4, https://learn.microsoft.com/en-us/azure/defender-for-cloud/secure-score-security-controls?branch=main#how-your-secure-score-is-calculated 2.. defender for endpoint ref 2. https://learn.microsoft.com/en-us/azure/defender-for-cloud/secure-score-security-controls?branch=main#how-your-secure-score-is-calculated
2.. defender for server
NSG and M$ Defender for Servers
Selection 1: NSG - https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/security-control-restrict-unauthorized-network-access/ba-p/1593833 Selection 2: Defender for servers
For those choosing NSG, you should actually look at the options given in the recommendation under Network Security and you will see clearly that it DOES NOT EXIST. The recommendations are for a Firewall, WAF, etc but not NSG which is applicable at the level of a VNET and not a subscription which may or may not have any vnets.
No you're wrong Expand the menu and you can see: Internet-facing virtual machines should be protected with network security groups All network ports should be restricted on NSG associated to your VM etc. There's no WAF and CA item in the list...
Incorrect. WAF is a layer-7 appliance. It doesn't care about network (layer 3), only application protocols (HTTP, HTTPS, etc).
NSG + MDfS
1 and 2, just checked my live environment and NSG is at the top of the list
sorry: 1-NSG, 2:MDS
Quick analysis of https://learn.microsoft.com/en-us/azure/defender-for-cloud/secure-score-security-controls tells us that - Restrict unauthorized network access = Virtual networks should be protected by Azure Firewall - Enable endpoint protection = Defender for Cloud checks your organization’s endpoints for active threat detection and response solutions such as [list], [list] shows Defender for Servers and/or Defender for Containers. Therefore answers are: - Azure Web Application Firewall (WAF) - Microsoft Defender for Servers
Well, after rethinking it should be NSG and MDfS