Microsoft Azure Resource Groups: Managing Compliance Across Subscriptions

Resource Groups

Prev Question Next Question

Question

This question requires that you evaluate the underlined text to determine if it is correct.

Resource groups provide organizations with the ability to manage the compliance of Azure resources across multiple subscriptions.

Instructions: Review the underlined text. If it makes the statement correct, select No change is needed. If the statement is incorrect, select the answer choice that makes the statement correct.

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

C

Azure policies can be used to define requirements for resource properties during deployment and for already existing resources. Azure Policy controls properties such as the types or locations of resources.

Azure Policy is a service in Azure that you use to create, assign, and manage policies. These policies enforce different rules and effects over your resources, so those resources stay compliant with your corporate standards and service level agreements. Azure Policy meets this need by evaluating your resources for non- compliance with assigned policies. All data stored by Azure Policy is encrypted at rest.

For example, you can have a policy to allow only a certain SKU size of virtual machines in your environment. Once this policy is implemented, new and existing resources are evaluated for compliance. With the right type of policy, existing resources can be brought into compliance.

https://docs.microsoft.com/en-us/azure/governance/policy/overview

The underlined text states that "Resource groups provide organizations with the ability to manage the compliance of Azure resources across multiple subscriptions."

This statement is not entirely correct. Resource groups provide organizations with a way to organize and manage resources within a subscription. They are containers for Azure resources like virtual machines, storage accounts, and databases. They allow you to manage and monitor resources collectively as a single entity.

However, to manage compliance across multiple subscriptions, you would need to use a combination of Azure management groups, policies, and initiatives.

Azure management groups provide a way to organize subscriptions and apply governance controls across them. By grouping subscriptions, you can manage access control, apply policies, and enforce compliance across all the resources in the subscriptions.

Azure policies provide a way to enforce rules and apply governance across your resources. They allow you to define rules that resources must adhere to, and Azure will automatically evaluate resources against those rules.

Azure initiatives are collections of policies that are grouped together to achieve specific compliance goals. They allow you to apply a set of policies to a management group or subscription and track progress towards compliance.

Therefore, the correct answer is B. Management groups.