Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You use Azure Security Center for the centralized policy management of three Azure subscriptions.
You use several policy definitions to manage the security of the subscriptions.
You need to deploy the policy definitions as a group to all three subscriptions.
Solution: You create a policy definition and assignments that are scoped to resource groups.
Does this meet the goal?
Click on the arrows to vote for the correct answer
A. B.B
https://4sysops.com/archives/apply-governance-policy-to-multiple-azure-subscriptions-with-management-groups/The solution presented in the question would not meet the stated goal of deploying the policy definitions as a group to all three subscriptions.
While scoping policy definitions to resource groups is a valid approach for managing policies, it does not meet the requirement of deploying the policy definitions as a group to all three subscriptions. Assigning the policies to resource groups only applies the policies to the resources within that resource group, not to resources in other resource groups or subscriptions.
To meet the goal of deploying the policy definitions as a group to all three subscriptions, a policy set definition should be created. A policy set definition is a container for a group of related policy definitions that can be deployed as a single unit. Policy set definitions can be applied at the management group, subscription, or resource group level. By applying a policy set definition at the subscription level, the policy definitions within the set are deployed to all resources within the subscription.
In summary, the solution presented in the question would not meet the goal of deploying the policy definitions as a group to all three subscriptions. Instead, a policy set definition should be created and applied at the subscription level to achieve the desired outcome. Therefore, the correct answer is B, No.