What capabilities below are part of Azure Defender for Servers? (Mark all correct ones)
Click on the arrows to vote for the correct answer
A. B. C. D. E.Correct Answers: A, B, C and D.
Reference:
Azure Defender for Servers is a cloud-native security solution provided by Microsoft to detect and respond to advanced attacks targeting servers running in the Azure cloud or on-premises data centers. The solution uses behavioral analytics, machine learning, and threat intelligence to detect and prevent attacks in real-time.
The capabilities of Azure Defender for Servers are as follows:
A. Adaptive Application Control: This capability enables administrators to control which applications are allowed to run on servers. It uses machine learning to create a baseline of normal behavior and detect anomalies. If an application is not on the approved list, it will be blocked from running. This helps prevent malware from running on servers.
B. Integration with Qualys for Vulnerability Assessment: This capability allows administrators to assess the security posture of servers by scanning for vulnerabilities. Azure Defender for Servers integrates with Qualys to perform vulnerability scans and provide recommendations for remediation.
C. Adaptive Network Hardening: This capability enables administrators to control network traffic to and from servers. It uses machine learning to create a baseline of normal behavior and detect anomalies. If network traffic is not on the approved list, it will be blocked. This helps prevent lateral movement by attackers.
D. Fileless attack detection for Windows: This capability detects attacks that do not involve writing files to disk. Attackers can use fileless techniques to evade detection by traditional antivirus solutions. Azure Defender for Servers uses behavioral analytics to detect fileless attacks.
E. Vulnerability assessment for Azure Container Registries: This capability allows administrators to assess the security posture of container images stored in Azure Container Registries. Azure Defender for Servers performs vulnerability scans and provides recommendations for remediation.
Therefore, the correct answers are A, C, and D. Azure Defender for Servers does not have integration with Qualys for Vulnerability Assessment for servers as part of its capabilities. Instead, it has integration with Qualys for vulnerability assessment for Azure Container Registries as part of its capabilities.