Microsoft Cybersecurity Architect — Question 13

Your company plans to evaluate the security of its Azure environment based on the principles of the Microsoft Cloud Adoption Framework for Azure.

You need to recommend a cloud-based service to evaluate whether the Azure resources comply with the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF).

What should you recommend?

Answer options

• A. Compliance Manager in Microsoft Purview
• B. Microsoft Defender for Cloud
• C. Microsoft Sentinel
• D. Microsoft Defender for Cloud Apps

Correct answer: B

Explanation

The correct answer is Microsoft Defender for Cloud, as it provides comprehensive security management and threat protection for Azure resources, helping to ensure compliance with frameworks like NIST CSF. The other options, while useful for various security tasks, do not specifically focus on compliance evaluation against the NIST framework.