Your company uses the following resources:
-> Windows Server 2019 container images hosted in an Azure Container Registry.
-> Azure virtual machines that run the latest version of Ubuntu
-> An Azure Log Analytics workspace
-> Azure Active Directory (Azure AD)
-> An Azure key vault
For which two resources can you receive vulnerability assessments in Azure Security Center? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
Click on the arrows to vote for the correct answer
A. B. C. D. E.BC
B: Azure Security Center includes Azure-native, advanced threat protection for Azure Key Vault, providing an additional layer of security intelligence.
C: When Security Center discovers a connected VM without a vulnerability assessment solution deployed, it provides the security recommendation "A vulnerability assessment solution should be enabled on your virtual machines".
Ubuntu supported versions: 12.04 LTS, 14.04 LTS, 15.x, 16.04 LTS, 18.04 LTS
https://docs.microsoft.com/en-us/azure/security-center/deploy-vulnerability-assessment-vmAzure Security Center provides vulnerability assessments for a range of Azure resources to help identify and address potential security issues. The resources for which you can receive vulnerability assessments in Azure Security Center are:
E. The Windows Server 2019 container images hosted in the Azure Container Registry: Azure Security Center can scan your container images hosted in Azure Container Registry for vulnerabilities and provide recommendations to help you address any issues that are found.
C. The Azure virtual machines that run the latest version of Ubuntu: Azure Security Center can also scan virtual machines running in Azure for vulnerabilities. For virtual machines running Ubuntu, Azure Security Center can use the open-source tool Qualys to scan for vulnerabilities.
Note that although Azure Security Center can scan virtual machines running in Azure for vulnerabilities, it requires the installation of an agent on the virtual machines to do so.
The other resources mentioned in the question, Azure Log Analytics workspace, Azure Active Directory (Azure AD), and Azure key vault, are not currently supported for vulnerability assessments in Azure Security Center. However, Azure Security Center can still provide other security-related recommendations and alerts for these resources.