A security administrator is using Microsoft Defender for Cloud to improve the security posture of Azure resources. The administrator wants to view a consolidated assessment of compliance with industry standards such as CIS and NIST. Which feature should be used?
Trap 1: Secure Score
Secure Score shows the overall security posture and recommendations but does not map to specific industry standards.
Trap 2: Azure Policy
Azure Policy enforces rules for resource compliance but does not offer a consolidated compliance dashboard.
Trap 3: Microsoft Sentinel
Microsoft Sentinel is a security information and event management (SIEM) solution for threat detection, not for compliance assessment.
- A
Regulatory compliance dashboard
This dashboard directly provides compliance assessments against industry standards like CIS and NIST, showing which controls pass or fail.
- B
Secure Score
Why wrong: Secure Score shows the overall security posture and recommendations but does not map to specific industry standards.
- C
Azure Policy
Why wrong: Azure Policy enforces rules for resource compliance but does not offer a consolidated compliance dashboard.
- D
Microsoft Sentinel
Why wrong: Microsoft Sentinel is a security information and event management (SIEM) solution for threat detection, not for compliance assessment.