Finance wants every resource created in one production resource group to receive the tag CostCenter=FINSVC automatically, but deployments should not be blocked if a template omits the tag. Existing resources should be updated when possible. Which two actions should the administrator take? Select two.
The Modify effect can automatically add or update tags without blocking the deployment. That matches the requirement to keep deployments flowing while enforcing the tag.
Why this answer
Option A is correct because a Modify effect policy definition can automatically add or update the CostCenter tag on resources during creation or update, without blocking deployments if the tag is missing. This satisfies the requirement that deployments should not be blocked, as the Modify effect only applies the tag rather than denying non-compliant requests.
Exam trap
The trap here is that candidates often confuse Audit and Modify effects, thinking Audit can automatically fix tags, or they mistakenly believe a ReadOnly lock is needed to enforce consistency, when in fact Modify with remediation is the correct approach for automatic tag application without blocking deployments.