Exam SC-500 Topic 1 Question 43 Discussion

Actual exam question for Microsoft's SC-500 exam
Question #: 43
Topic #: 1
You have an Azure subscription named Sub1 that contains multiple virtual machines. Sub1 has the Microsoft Defender Cloud Security Posture Management (CSPM) plan enabled.
You discover that Defender for Cloud fails to identify plaintext connection strings and SSH keys stored on the virtual machines.
You need to ensure that secrets can be identified on the virtual machines.
What should you do?

Suggested Answer: B Vote an answer

Agentless machine scanning enables Defender CSPM to scan virtual machine disks for exposed plaintext secrets, including connection strings and SSH private keys. It uses disk snapshots and cloud APIs without requiring an agent installation or affecting virtual machine performance.
Reference:
https://learn.microsoft.com/en-us/azure/defender-for-cloud/secrets-scanning-servers
https://learn.microsoft.com/en-us/azure/defender-for-cloud/secrets-scanning

by Dean at Jul 12, 2026, 12:21 PM

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

0
0
0
10