Preventing Creation of Azure Virtual Machines with Unmanaged Disks

B

The correct answer is B. Azure Policy.

Azure Policy is a service in Azure that allows you to create, assign, and manage policies to enforce compliance with organizational standards and regulations. Azure Policy can be used to define rules that ensure that resources deployed in an Azure subscription comply with specific guidelines or restrictions.

In this case, you need to prevent users from creating virtual machines that use unmanaged disks. To accomplish this, you can create an Azure Policy that specifies the use of managed disks for all virtual machines deployed in the subscription. This policy can be enforced by assigning it to the subscription.

Once the policy is assigned, Azure Policy will evaluate resources in the subscription to ensure they comply with the policy. If a virtual machine is created that uses an unmanaged disk, Azure Policy will prevent the deployment and notify the user that their resource does not comply with the policy.

Azure Monitor is a service that provides monitoring and alerting capabilities for Azure resources. While it can be used to monitor and alert on policy violations, it is not designed to enforce policy compliance.

Azure Security Center is a service that provides security recommendations and threat protection for Azure resources. While it can provide recommendations related to managing disks for virtual machines, it is not designed to enforce policy compliance.

Azure Service Health is a service that provides information about service incidents and planned maintenance for Azure resources. It is not designed to enforce policy compliance.