Microsoft Certified: Azure Fundamentals (AZ-900) Practice Exam 2025 - Free AZ-900 Practice Questions and Study Guide

The correct answer is the security policy. In Azure, a security policy provides a set of rules and guidelines that define the security posture for resources within a specified subscription or resource group. It establishes the recommended practices and required configurations that help organizations maintain compliance and mitigate risks.

Security policies leverage Azure Policy to set standards and enforce compliance across resources, ensuring that they meet the organization’s security requirements. These policies can include rules for resource creation, management, and monitoring, providing a unified approach to security that can be tailored to specific needs.

While Azure Monitor is focused on monitoring resources and applications, and Azure Security Center (now part of Microsoft Defender for Cloud) provides a range of security management tools, including recommendations based on the security state, it is the security policy that specifically defines the controls needed for security governance at the subscription or resource group level. Azure Watch is not a recognized Azure service in this context.