ExpertMinds LogoExpertMinds
Medium1 markMultiple Choice
Domain 3.1: Backup and Disaster RecoveryDomain 3Backup and Disaster RecoveryAzure BackupSecurity

AZ-305 · Question 32 · Domain 3.1: Backup and Disaster Recovery

You are designing a backup strategy for Azure Virtual Machines using Azure Backup.

The security team requires that backups must be protected against accidental deletion or malicious ransomware attacks. If an administrator attempts to delete a backup vault or stop protection and delete data, the data must remain recoverable for at least 14 days.

Which TWO features should you configure? (Select TWO)

Answer options:

A.

Enable Soft Delete for the Recovery Services vault.

B.

Configure Geo-redundant storage (GRS) for the vault.

C.

Enable Multi-User Authorization (MUA) using Azure Resource Guard.

D.

Enable Cross Region Restore (CRR).

E.

Apply a ReadOnly resource lock to the Virtual Machines.

How to approach this question

Look for features specifically designed for ransomware protection and insider threat mitigation in Azure Backup.

Full Answer

Enable Soft Delete for the Recovery Services vault., Enable Multi-User Authorization (MUA) using Azure Resource Guard.
To protect against ransomware and malicious insiders, Azure Backup offers Soft Delete and Multi-User Authorization (MUA). Soft Delete acts as a recycle bin; if a backup is deleted, it is retained for 14 days before permanent deletion. MUA uses Azure Resource Guard to ensure that critical operations (like disabling soft delete or deleting backup data) require authorization from a second, independent security administrator.

Common mistakes

Selecting GRS or CRR, which are disaster recovery features for infrastructure failure, not security features against malicious deletion.
31All questions33

Practice the full Azure Solutions Architect Expert AZ-305 Practice Exam 3

55 questions · hints · full answers · grading

Sign up freeTake the exam

More questions from this exam

Q01Contoso Ltd is a global manufacturing company with 50,000 employees across 30 countries. They cur...MediumQ02Fabrikam Inc. is a Managed Service Provider (MSP) managing Azure environments for 50 different en...HardQ03A financial institution generates 5 TB of telemetry and audit logs daily across its Azure environ...MediumQ04A retail company has recently migrated several workloads to Azure. The IT Director wants a centra...EasyQ05A healthcare organization with 10,000 employees uses on-premises Active Directory. They are migra...Hard
View all 55 questions →