Microsoft Azure Solutions Architect Expert AZ-305 Practice Question
Your organization manages 10 Azure subscriptions, all contained in a single root management group. A new requirement mandates alignment with the NIST SP 800-53 framework. You must continuously detect resources that violate the framework, automatically remediate misconfigurations when a supported fix exists, and generate an aggregated compliance score with exportable evidence for auditors across all subscriptions while minimizing administrative overhead. What should you recommend?
Create an Azure Monitor workbook that uses Azure Resource Graph queries to identify non-compliant resources and schedule workbook exports.
Assign the built-in NIST SP 800-53 Azure Policy initiative at the root management group, enable automatic remediation tasks, and use the Azure Policy compliance dashboard to export reports.
Use Azure Advisor recommendations across all subscriptions and export the recommendation data for auditing.
Enable Microsoft Defender for Cloud regulatory compliance dashboard in each subscription and export the results.
Assigning the built-in NIST SP 800-53 Azure Policy initiative at the root management group meets every requirement. The initiative applies hundreds of individual policy definitions to all existing and future subscriptions in the hierarchy, evaluates resources for compliance, and surfaces an overall compliance score in the Azure Policy dashboard. Policies that support deploy-if-not-exists or modify effects can be configured for automatic remediation, and the compliance results can be exported in CSV or JSON formats for audit purposes. Microsoft Defender for Cloud's regulatory compliance dashboard provides security posture information but must be enabled per subscription and does not offer broad auto-remediation. Azure Monitor workbooks and Azure Advisor can report information, yet neither delivers built-in mappings to NIST controls or automated fixes. Therefore, an Azure Policy initiative at the management-group scope is the most effective and least administratively intensive solution.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the NIST SP 800-53 framework?
Open an interactive chat with Bash
How does the Azure Policy initiative ensure compliance?
Open an interactive chat with Bash
What is the difference between Azure Policy and Microsoft Defender for Cloud?
Open an interactive chat with Bash
Microsoft Azure Solutions Architect Expert AZ-305
Design identity, governance, and monitoring solutions
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .