Enhancing Security for Azure IoT Infrastructure

Configure Azure Security Center's Defender for IoT

Question

You need to build enhanced security around your IoT infrastructure.

You want to use Azure Security Center's Defender for IoT, and you need to set up a security agent that reports your device's connection events with high priority and collects high-priority events every 5 minutes.

To configure the necessary security agents, you decide to add the following script to your device twin's desired properties:

    "ms_iotn:urn_azureiot_Security_SecurityAgentConfiguration": {
      "highPriorityMessageFrequency": {
        "value": "PT5M"
      },
      "eventPriorityConnectionCreate": {
        "value": "High"
      }
    }

Is this the right solution to achieve your goal?

Answers

Explanations

A. B.

Correct Answer: B.

Option A is incorrect because the configuration objects of the security agents are held in the module twin of the device's azureiotsecurity module identity, not in the device twin; that is, security agents must be configured at the module level.

Option B is CORRECT because, to set up the security agents, an azureiotsecurity module identity has to be created under your device, and the configuration code above must be added to the module twin's 'desired' properties.
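
The placement rule in the explanation above can be checked offline against an exported twin document. The following is an added example, not part of the original question or of any Microsoft tooling; the sample twins, the device name sensor-01 and the set of accepted priority values are assumptions.

```python
import re

CONFIG_KEY = "ms_iotn:urn_azureiot_Security_SecurityAgentConfiguration"
AGENT_MODULE = "azureiotsecurity"
PRIORITIES = {"High", "Low", "Off"}  # assumed set of accepted priority values
DURATION = re.compile(r"^PT(?:(\d+)H)?(?:(\d+)M)?(?:(\d+)S)?$")

def duration_seconds(value):
    """Convert an ISO 8601 time-only duration such as 'PT5M' to seconds."""
    m = DURATION.match(value)
    if not m or not any(m.groups()):
        raise ValueError(f"not an ISO 8601 time duration: {value!r}")
    h, mi, s = (int(g or 0) for g in m.groups())
    return h * 3600 + mi * 60 + s

def check_twin(twin):
    """Return a list of findings for one twin document; empty means OK."""
    desired = twin.get("properties", {}).get("desired", {})
    if CONFIG_KEY not in desired:
        return ["no security agent configuration in desired properties"]
    findings = []
    # A device twin has no moduleId; the agent reads only its own module twin.
    if twin.get("moduleId") != AGENT_MODULE:
        findings.append("configuration is not on the azureiotsecurity module twin")
    for name, prop in desired[CONFIG_KEY].items():
        value = prop.get("value")
        try:
            if name.endswith("Frequency"):
                duration_seconds(value)
            elif name.startswith("eventPriority") and value not in PRIORITIES:
                findings.append(f"{name}: unknown priority {value!r}")
        except (ValueError, TypeError):
            findings.append(f"{name}: bad duration {value!r}")
    return findings

# Constructed sample twins: the same configuration placed in two locations.
AGENT_CONFIG = {CONFIG_KEY: {
    "highPriorityMessageFrequency": {"value": "PT5M"},
    "eventPriorityConnectionCreate": {"value": "High"},
}}
DEVICE_TWIN = {"deviceId": "sensor-01", "properties": {"desired": AGENT_CONFIG}}
MODULE_TWIN = {"deviceId": "sensor-01", "moduleId": AGENT_MODULE,
               "properties": {"desired": AGENT_CONFIG}}

if __name__ == "__main__":
    for label, twin in (("device twin", DEVICE_TWIN), ("module twin", MODULE_TWIN)):
        print(label, "->", check_twin(twin) or "OK")
```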

Yes, adding the mentioned script to the device twin's desired properties is the right solution to achieve the goal of building enhanced security around your IoT infrastructure using Azure Security Center's Defender for IoT.

The script sets up the configuration for the security agent to report high-priority events for the device's connection events and collect high-priority events every 5 minutes. The configuration is achieved through the following properties:

  • highPriorityMessageFrequency: This property specifies the frequency at which high-priority messages should be sent. The value "PT5M" indicates that the security agent should send high-priority messages every 5 minutes.

  • eventPriorityConnectionCreate: This property specifies the priority of connection events. The value "High" indicates that the security agent should prioritize connection events as high-priority events.

By setting up the security agent with the above configuration, you can collect important security-related events and detect potential security threats on your IoT devices. Azure Security Center's Defender for IoT provides advanced threat protection for IoT devices and helps you identify and remediate security vulnerabilities in your IoT infrastructure.

Therefore, the given script is the right solution to achieve the goal of building enhanced security around your IoT infrastructure using Azure Security Center's Defender for IoT.