Azure Defender Enablement for Resources in a Subscription

Ensure Azure Defender is Enabled for All Resources in a Subscription

Question

Which selection helps you to ensure Azure Defender is enabled over all the resources in a Subscription?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Correct Answer: C Option C is correct as Automatic provisioning will install the required agent for the resources.

Option A & B are incorrect as such feature is not present under Continuous assessments and coverage.

Reference:

The correct answer is B. Coverage type.

Azure Defender is a cloud-native security solution that helps to protect Azure resources and workloads. It provides advanced threat protection for various Azure services, such as virtual machines, storage accounts, and Azure Kubernetes Service (AKS).

To ensure that Azure Defender is enabled over all the resources in a Subscription, you need to configure the coverage type. The coverage type determines which resources are covered by Azure Defender. There are two types of coverage:

  1. Resource-specific coverage: This coverage type allows you to enable Azure Defender for specific Azure resources, such as virtual machines, Azure SQL databases, and storage accounts. You can enable or disable Azure Defender for individual resources as needed.

  2. Subscription-wide coverage: This coverage type enables Azure Defender for all supported resources within a Subscription. It ensures that all resources are protected without requiring you to enable Azure Defender on each individual resource.

To configure subscription-wide coverage, you need to follow these steps:

  1. Sign in to the Azure portal.
  2. Navigate to the Security Center.
  3. Click on the subscription you want to configure.
  4. Click on the Pricing & settings tab.
  5. Under the Azure Defender plan section, select the subscription-wide coverage option.
  6. Click Save to apply the changes.

Continuous assessments, automatic provisioning, and Azure Arc are not related to enabling Azure Defender over all the resources in a Subscription.

Continuous assessments is a feature that helps you to identify security vulnerabilities and misconfigurations in your Azure resources.

Automatic provisioning allows you to automatically deploy and configure Azure Defender for new resources as they are created.

Azure Arc is a hybrid cloud management solution that enables you to manage and govern resources across on-premises, multi-cloud, and edge environments.