Microsoft Azure Security Technologies (AZ-500)

Disable ads (and more) with a membership for a one time $4.99 payment

Study for the Microsoft Azure Security Technologies (AZ-500) exam. Prepare with well-structured questions and detailed explanations. Enhance your understanding and improve your readiness for the certification exam!

Start Multiple Choice Practice Test
Start Flash Cards

Practice this question and more.

What should you use to ensure that Windows features that are not in use are automatically inactivated when provisioning Azure virtual machine instances?

  1. You should make use of Azure DevOps.

  2. You should make use of Azure Automation State Configuration.

  3. You should make use of network security groups (NSG).

  4. You should make use of Azure Blueprints.

The correct answer is: You should make use of Azure Automation State Configuration.

Using Azure Automation State Configuration is the appropriate choice for ensuring that Windows features not in use are automatically inactivated during the provisioning of Azure virtual machine instances. Azure Automation State Configuration provides a powerful framework for managing the configuration of your virtual machines in a declarative way. With State Configuration, you can define the desired state of the system or the configuration settings you want to apply. This includes specifying which Windows features should be enabled or disabled. When you use State Configuration, you can maintain compliance across all your virtual machines by automatically enforcing these configurations, thus ensuring that any unnecessary features are automatically turned off. This approach helps in reducing the attack surface of your VMs, thereby improving security by minimizing the number of enabled features and services that could potentially be exploited. Additionally, it allows for consistency across multiple VM deployments, as the same configuration can be applied uniformly. In contrast, Azure DevOps primarily focuses on development workflows and continuous integration/continuous delivery (CI/CD) processes and is less suited for direct system configuration management. Network Security Groups (NSGs) are used for controlling inbound and outbound traffic within Azure, and do not manage Windows features. Azure Blueprints enable the creation and management of environment configurations, but they align more with resource orchestration and governance

More Questions Like This