Vulnerability Assessments in Azure Security Center for Resources

Azure Security Center Assessment Capabilities

Question

Your company uses the following resources:

-> Windows Server 2019 container images hosted in an Azure Container Registry

-> Azure virtual machines that run the latest version of Ubuntu

-> An Azure Log Analytics workspace

-> Azure Active Directory (Azure AD)

-> An Azure key vault

For which two resources can you receive vulnerability assessments in Azure Security Center? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Answers

Explanations

A. B. C. D. E.

BC

B: Azure Security Center includes Azure-native, advanced threat protection for Azure Key Vault, providing an additional layer of security intelligence.

C: When Security Center discovers a connected VM without a vulnerability assessment solution deployed, it provides the security recommendation "A vulnerability assessment solution should be enabled on your virtual machines".

Ubuntu supported versions: 12.04 LTS, 14.04 LTS, 15.x, 16.04 LTS, 18.04 LTS

https://docs.microsoft.com/en-us/azure/security-center/deploy-vulnerability-assessment-vm

Azure Security Center provides vulnerability assessments for a range of Azure resources to help identify and address potential security issues. The resources for which you can receive vulnerability assessments in Azure Security Center are:

E. The Windows Server 2019 container images hosted in the Azure Container Registry: Azure Security Center can scan your container images hosted in Azure Container Registry for vulnerabilities and provide recommendations to help you address any issues that are found.

C. The Azure virtual machines that run the latest version of Ubuntu: Azure Security Center can also scan virtual machines running in Azure for vulnerabilities. For virtual machines running Ubuntu, Azure Security Center can use the open-source tool Qualys to scan for vulnerabilities.

Note that although Azure Security Center can scan virtual machines running in Azure for vulnerabilities, it requires the installation of an agent on the virtual machines to do so.

The other resources mentioned in the question, Azure Log Analytics workspace, Azure Active Directory (Azure AD), and Azure key vault, are not currently supported for vulnerability assessments in Azure Security Center. However, Azure Security Center can still provide other security-related recommendations and alerts for these resources.