ExpertMedium1 markMultiple Choice
AZ-305 · Question 11 · Domain 1.3: Governance
Your organization is implementing a chargeback model using Microsoft Cost Management.
The finance department requires that every Azure resource be tagged with a 'CostCenter' tag. If a user attempts to create a resource without this tag, the deployment must be blocked. Furthermore, for existing resources missing the tag, the tag should be automatically added with a value of 'Unassigned'.
Which THREE Azure Policy effects should you use to achieve this? (Select THREE)
Your organization is implementing a chargeback model using Microsoft Cost Management.
The finance department requires that every Azure resource be tagged with a 'CostCenter' tag. If a user attempts to create a resource without this tag, the deployment must be blocked. Furthermore, for existing resources missing the tag, the tag should be automatically added with a value of 'Unassigned'.
Which THREE Azure Policy effects should you use to achieve this? (Select THREE)
Answer options:
A.
Deny
B.
Audit
C.
Modify
D.
Append
E.
Disabled
How to approach this question
Identify the policy effects that block deployments (Deny) and alter resources to add missing tags (Modify/Append).
Full Answer
Deny, Modify, Append
To enforce tagging governance:
1. 'Deny' is used to block the creation of resources that lack the required tag.
2. 'Append' is used to add the tag to the resource request during creation if it's missing.
3. 'Modify' is the modern approach for tagging, allowing you to remediate existing resources by adding the 'Unassigned' tag to them via a remediation task.
Common mistakes
Selecting Audit. While useful for reporting, Audit does not meet the requirement to block deployments or automatically add tags.
Practice the full Azure Solutions Architect Expert AZ-305 Practice Exam 2
55 questions · hints · full answers · grading
More questions from this exam
Q01Fabrikam Inc. is a global financial services company with 200 Azure subscriptions managed via a c...HardQ02A healthcare organization has 500 on-premises Windows Server VMs and 300 Azure VMs. They are impl...HardQ03You are designing a security monitoring solution using Microsoft Sentinel.
The compliance depar...EasyQ04Your company has a microservices application deployed across multiple Azure App Service instances...MediumQ05A defense contractor is migrating to Microsoft 365 and Azure. They have a strict security policy ...Hard