last sync: 2022-May-23 16:32:10 UTC

Azure Policy definition

Azure Defender for DNS should be enabled

Name Azure Defender for DNS should be enabled
Azure Portal
Id bdc59948-5574-49b3-bb91-76b7c986428d
Version 1.0.0
details on versioning
Category Security Center
Microsoft docs
Description Azure Defender for DNS provides an additional layer of protection for your cloud resources by continuously monitoring all DNS queries from your Azure resources. Azure Defender alerts you about suspicious activity at the DNS layer. Learn more about the capabilities of Azure Defender for DNS at . Enabling this Azure Defender plan results in charges. Learn about the pricing details per region on Security Center's pricing page: .
Mode All
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
Used RBAC Role none
Rule Aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Security/pricings/pricingTier Microsoft.Security pricings properties.pricingTier false
Rule ResourceTypes IF (1)
Date/Time (UTC ymd) (i) Change type Change detail
2021-09-27 15:52:17 change Version remains equal, old suffix: preview (1.0.0-preview > 1.0.0)
2021-03-09 14:37:41 add bdc59948-5574-49b3-bb91-76b7c986428d
Used in Initiatives
Initiative DisplayName Initiative Id Initiative Category State Type
Azure Security Benchmark 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 Security Center GA BuiltIn
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA BuiltIn
FedRAMP Moderate e95f5a9f-57ad-4d03-bb0b-b1d16db93693 Regulatory Compliance GA BuiltIn
NIST SP 800-171 Rev. 2 03055927-78bd-4236-86c0-f36125a10dc9 Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 5 179d1daa-458f-4e47-8086-2a68d0d6c38f Regulatory Compliance GA BuiltIn
JSON Changes