Microsoft Cybersecurity Architect — Question 6

You have an Azure subscription that has Microsoft Defender for Cloud enabled.
You have an Amazon Web Services (AWS) implementation.
You plan to extend the Azure security strategy to the AWS implementation. The solution will NOT use Azure Arc.
Which three services can you use to provide security for the AWS resources? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

Answer options

• A. Microsoft Defender for Containers
• B. Microsoft Defender for servers
• C. Azure Active Directory (Azure AD) Conditional Access
• D. Azure Active Directory (Azure AD) Privileged Identity Management (PIM)
• E. Azure Policy

Correct answer: A, C, E

Explanation

The correct answers are A, C, and E because Microsoft Defender for Containers offers security for containerized applications, Azure AD Conditional Access provides security policies for access management, and Azure Policy helps enforce standards across resources. Options B and D are not applicable as they focus on server security and identity management within Azure rather than extending security to AWS resources.