Microsoft Azure Security Technologies — Question 6

You have 15 Azure virtual machines in a resource group named RG1.
All the virtual machines run identical applications.
You need to prevent unauthorized applications and malware from running on the virtual machines.
What should you do?

Answer options

• A. Apply an Azure policy to RG1.
• B. From Azure Security Center, configure adaptive application controls.
• C. Configure Azure Active Directory (Azure AD) Identity Protection.
• D. Apply a resource lock to RG1.

Correct answer: B

Explanation

The correct answer is B because configuring adaptive application controls in Azure Security Center allows you to define which applications are permitted to run on your virtual machines, effectively preventing unauthorized applications and malware. Option A is incorrect as applying an Azure policy does not specifically address application control. Option C, while important for identity protection, does not directly prevent unauthorized applications from running. Option D, applying a resource lock, does not prevent applications from executing but instead restricts modifications to the resource group.