Microsoft Cybersecurity Architect — Question 73

You are designing a ransomware mitigation strategy.

You perform a ransomware risk assessment and identify business-critical assets.

You need to recommend a solution to mitigate ransomware threats. The solution must follow Microsoft security best practices.

Which two actions should you include in the recommendation? Each correct answer presents a complete solution.

NOTE: Each correct answer is worth one point.

Answer options

• A. Enable firewall logging for auditing, without restricting inbound or outbound traffic.
• B. Use extended patching cycles to reduce the risk of update-related service disruptions.
• C. Implement immutable, offline backups that have restricted access and test restore procedures regularly.
• D. Deploy Privileged Identity Management (PIM) that uses just-in-time (JIT) access and approval workflows.

Correct answer: C, D

Explanation

The correct answers are C and D because implementing immutable, offline backups ensures that critical data is protected against ransomware, while Privileged Identity Management (PIM) enhances security by limiting access and requiring approval for sensitive actions. Options A and B do not directly address ransomware mitigation; A focuses on logging without traffic control, and B may not effectively reduce ransomware risks.