Microsoft Azure Architect Design (AZ-304) Practice Test

To comply with regulatory requirements, which solution should be suggested for deploying Azure App Service instances in specific regions?

• A. Regulatory compliance dashboard in Azure Security Center
• B. Azure Policy
• C. Azure Resource Manager templates
• D. Azure Security Center alerts

The correct answer is: Azure Policy

The recommendation to use Azure Policy for deploying Azure App Service instances in specific regions is based on its capability to enforce rules and effects on Azure resources. Azure Policy allows you to define policies that govern the properties of resources during their lifecycle. By creating policies that specify which regions resources can be deployed into, organizations can ensure compliance with regulatory requirements effectively. Using Azure Policy enables automated compliance checks against your resource settings. If a resource is deployed in an area that violates policy rules, Azure Policy can trigger an audit event, deny the deployment, or even deploy corrective measures automatically. This helps maintain regulatory standards consistently without requiring manual oversight or interventions. While other options might provide useful functionalities within the context of Azure, they do not focus specifically on enforcing deployment rules across regions. For instance, the regulatory compliance dashboard in the security center provides a visualization of compliance status rather than enforceable policy management. Azure Resource Manager templates help in resource provisioning but do not inherently govern location constraints. Alerts from the Azure Security Center serve to notify administrators about potential security threats but do not directly impact the deployment of resources. Thus, Azure Policy stands out as the most appropriate solution for managing region-specific deployments in order to fulfill compliance mandates.