Microsoft Azure Security Engineer Associate AZ-500 Practice Question
Your company is onboarding a production Amazon Web Services (AWS) account to Microsoft Defender for Cloud so that the account's resources appear in the Defender for Cloud inventory and contribute to Secure Score. In the Azure portal you create a new AWS connector and successfully deploy the required CloudFormation stack that creates the cross-account IAM role. After several hours, no recommendations or Secure Score information are shown for the AWS account. Which prerequisite must be completed in the AWS account before Defender for Cloud can start ingesting security findings?
Install and configure the AWS Systems Manager agent on all Amazon EC2 instances.
Enable AWS Security Hub in every region of the AWS account.
Enable Amazon GuardDuty in the us-east-1 region only.
Create an AWS Config recorder and deliver configuration snapshots to an S3 bucket only.
Microsoft Defender for Cloud retrieves security posture information from AWS by querying AWS Security Hub. If Security Hub is not enabled, no findings are generated for Defender for Cloud to ingest, so the inventory remains empty and Secure Score cannot be calculated. Enabling Security Hub (which automatically turns on the necessary AWS Config recorder) in each region of the onboarded account satisfies Defender for Cloud's data source requirement. GuardDuty, the Systems Manager agent, and a standalone AWS Config recorder are not sufficient on their own; they do not provide the broad vulnerability and configuration findings that Defender for Cloud expects to receive from Security Hub.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is AWS Security Hub?
Open an interactive chat with Bash
Why is enabling AWS Security Hub necessary for Microsoft Defender for Cloud?
Open an interactive chat with Bash
What does AWS Config do when integrated with Security Hub?
Open an interactive chat with Bash
Microsoft Azure Security Engineer Associate AZ-500
Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .