This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Answer the following questions to check your understanding of Azure Backup security features.
A security engineer enables enhanced soft delete on a Recovery Services vault and configures the always-on setting. What is the primary effect of the always-on setting?
The soft delete retention period automatically extends to 180 days.
Soft delete can't be disabled on the vault after the always-on setting is configured.
Recovery points are automatically replicated to a secondary Azure region.
The vault automatically requires Multi-User Authorization for all backup operations.
Contoso's security team needs to prevent the backup administrator from disabling soft delete or stopping backups with data deletion—even if the administrator's credentials are compromised. Which Azure Backup feature provides this protection?
Setting vault immutability to the Enabled and Locked state.
Multi-User Authorization using Resource Guard.
Assigning the Backup Reader role to the backup administrator account.
Enabling Azure Policy with an Audit effect on backup configurations.
A security engineer sets a Recovery Services vault to the Enabled and Locked immutability state. What is the primary consequence of this irreversible decision?
The vault can be unlocked by a Global Administrator in an emergency.
Vault immutability becomes permanent—it can't be disabled or changed back to a reversible state.
Backup policies can no longer be modified or updated on the vault.
Cross-region restore is automatically enabled to complement the immutability protection.
You must answer all questions before checking your work.
Was this page helpful?
Need help with this topic?
Want to try using Ask Learn to clarify or guide you through this topic?