Exam SC-500 Topic 1 Question 43 Discussion
Actual exam question for Microsoft's SC-500 exam
Question #: 43
Topic #: 1
Question #: 43
Topic #: 1
You have an Azure subscription named Sub1 that contains multiple virtual machines. Sub1 has the Microsoft Defender Cloud Security Posture Management (CSPM) plan enabled.
You discover that Defender for Cloud fails to identify plaintext connection strings and SSH keys stored on the virtual machines.
You need to ensure that secrets can be identified on the virtual machines.
What should you do?
You discover that Defender for Cloud fails to identify plaintext connection strings and SSH keys stored on the virtual machines.
You need to ensure that secrets can be identified on the virtual machines.
What should you do?
Suggested Answer: B Vote an answer
Agentless machine scanning enables Defender CSPM to scan virtual machine disks for exposed plaintext secrets, including connection strings and SSH private keys. It uses disk snapshots and cloud APIs without requiring an agent installation or affecting virtual machine performance.
Reference:
https://learn.microsoft.com/en-us/azure/defender-for-cloud/secrets-scanning-servers
https://learn.microsoft.com/en-us/azure/defender-for-cloud/secrets-scanning
Reference:
https://learn.microsoft.com/en-us/azure/defender-for-cloud/secrets-scanning-servers
https://learn.microsoft.com/en-us/azure/defender-for-cloud/secrets-scanning
by Dean at Jul 12, 2026, 12:21 PM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).