Azure ISO 27001 Compliance Checker

Identifying Non-compliant Azure Configurations and Workloads

Question

You have an Azure environment.

You need to identify any Azure configurations and workloads that are non-compliant with ISO 27001 standards.

What should you use?

Answers

Explanations

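A. Azure Sentinel
B. Azure Active Directory (Azure AD) Identity Protection
C. Azure Security Center
D. Azure Advanced Threat Protection (ATP)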

C

https://docs.microsoft.com/en-us/azure/security-center/security-center-compliance-dashboard

The correct answer is C. Azure Security Center.

Azure Security Center is a unified security management system for all Azure resources, providing threat protection across hybrid workloads in the cloud and on-premises. One of the key features of Azure Security Center is the ability to assess compliance against a variety of industry standards, including ISO 27001.

To identify any Azure configurations and workloads that are non-compliant with ISO 27001 standards, you can use the Compliance dashboard in Azure Security Center. The Compliance dashboard provides a summary of your compliance posture for various standards, including ISO 27001, and it allows you to drill down into specific controls to see which resources are non-compliant.

Once you have identified non-compliant resources, Azure Security Center provides recommendations to help you remediate the issues and become compliant. You can also use Security Center's continuous monitoring capabilities to ensure that your resources remain compliant over time.

Azure Sentinel (option A) is a cloud-native security information and event management (SIEM) service that uses artificial intelligence to provide threat intelligence and analytics. While it can help detect and respond to security threats, it is not specifically designed for compliance assessment.

Azure Active Directory (Azure AD) Identity Protection (option B) is a feature within Azure AD that uses machine learning to detect and mitigate identity-based risks. It is not designed for compliance assessment.

Azure Advanced Threat Protection (ATP) (option D) is a cloud-based security solution that helps protect enterprise networks from advanced targeted attacks. While it can help detect and respond to security threats, it is not specifically designed for compliance assessment.