You have an Azure SQL database.
You implement Always Encrypted.
You need to ensure that application developers can retrieve and decrypt data in the database.
Which two pieces of information should you provide to the developers? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
Always Encrypted in Azure SQL Database uses two types of keys: the column encryption key and the column master key. The column encryption key is used to encrypt the actual data within an encrypted column, while the column master key protects the column encryption key by encrypting it. Application developers need access to both these keys to retrieve and decrypt data in the database. Without the column encryption key, they cannot decrypt the data, and without the column master key, they cannot decrypt the column encryption key itself.
Correct ones
C, E, for sure.
C. the column encryption key E. the column master key
In Exam 8/4/2021
also in AZ-301/304 exam
C. the column encryption key E. the column master key
In exam 1/28/24
In exam: 30/06/2022
In exam Dec'21. 40 questions, 1 case study, no labs. Correct answer too.
In Exam20/07/2024
To set up Always Encrypted in your database, you need to: Provision cryptographic keys to protect your data. Always Encrypted uses two types of keys: Column encryption keys. Column master keys. A column encryption key is used to encrypt data in an encrypted column. A column master key is a key-protecting key that encrypts one or more column encryption keys. https://learn.microsoft.com/en-us/sql/relational-databases/security/encryption/always-encrypted-database-engine?view=sql-server-ver16 Answer = C,E
On an exam on 7/8/23, agree with the answer provided.
C, E, for sure.
Duplicate
Exam - 4/11/21
Today's exam 20/10/21..
master key is stored in key vault or external key store. individual column key is protected by master key. Master key's information is needed and encrypted column key is needed. there fore the answer is c and e