Crucial Exams

Microsoft Azure Security Engineer Associate AZ-500 Practice Question

Your organization groups 20 production subscriptions in Azure under a management group named Contoso-Prod. You are asked to start measuring compliance with the CIS Microsoft Azure Foundations Benchmark for all current and future subscriptions while keeping administrative overhead as low as possible. In Microsoft Defender for Cloud, what should you do first?

  • Deploy the built-in CIS compliance workbook from the Azure Monitor Gallery to the management group.

  • Add the CIS Microsoft Azure Foundations Benchmark standard at the Contoso-Prod management-group level.

  • Add the CIS Microsoft Azure Foundations Benchmark standard separately to each subscription.

  • Create a custom Azure Policy initiative that contains the CIS controls and assign it to the management group.

Microsoft Azure Security Engineer Associate AZ-500
Secure Azure using Microsoft Defender for Cloud and Microsoft Sentinel
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot