Your company will be deploying new servers that will host an application that customers will use. A security analyst named Deborah needs to ensure the following objectives are met:

Your company will be deploying new servers that will host an application that customers will use. A security analyst named Deborah needs to ensure the following objectives are met:

• Websites are protected from attackers exhausting application resources

• Reports are generated that detail any attempted attacks.

Deborah’s solution is to recommend using Azure Information Protection.

Does the solution meet the objectives?

A) No

B) Yes

Explanation

You should use DDos Protection instead of Azure Information Protection. DDoS protection protects from DDoS attacks which exhaust application resources. Azure provides DDoS Protection Basic for free. DDoS Protection Standard provides more features such as alerting, telemetry, and logging. It can use the logging feature to generate reports that give detailed information about the attack.

Azure Information Protection controls sensitive information such as personal identifiable information (PII) in emails in transit and at rest, as well as documents in transit and at rest. Azure Information Protection will not protect against DDoS attacks.

 

Objective:

Describe security, privacy, compliance, and trust

Sub-Objective:

Describe Azure network security

References:

Azure DDoS Protection Standard Overview | Microsoft Docs