Question 1

You have an Azure subscription that contains an Azure SQL server named SQL1. SQL1 contains an Azure SQL database named DB1.

You need to use Microsoft Defender for Cloud to complete a vulnerability assessment for DB1.

What should you do first?

Options :

A : From Advanced Threat Protection types, select SQL injection vulnerability.

B : Configure the Send scan report to setting.

C : Set Periodic recurring scans to ON.

D : Enable the Microsoft Defender for SQL plan.

Answer: D

Question 2

You're assessing the overall security posture of your Azure environment. Which tool in Azure provides you with a numeric value indicating the percentage of security best practices you've adhered to?

Options :

A : Azure Security Center Alerts

B : Microsoft Defender for Cloud Secure Score

C : Azure Compliance Manager

D : Azure Advisor Score

Answer: D

Question 3

Which Azure service would you primarily utilize to manage security for web applications against common web-based threats, such as SQL injection and cross-site scripting?

Options :

A : Azure Firewall

B : Azure Front Door

C : Azure Application Gateway

D : Web Application Firewall (WAF)

Answer: D

Question 4

For storing and managing container images and Helm charts securely within the Azure instance, which Azure service should you use?

Options :

A : Azure Kubernetes Service (AKS)

B : Azure Container Apps (ACAs)

C : Azure Container Instances (ACIs)

D : Azure Container Registry (ACR)

Answer: D

Question 5

You have an Azure subscription that contains an Azure SQL database named DB1 in the East US Azure region.

You create the storage accounts shown in the following table.

You plan to enable auditing for DB1.

Which storage accounts can you use as the auditing destination for DB1?

Options :

A : storage1 and storage4 only

B : storage1 only

C : storage1, storage2, storage3, and storage4

D : storage1, storage2, and storage3 only

E : storage2 and storage3 only

Answer: D