AZ-303 Exam QuestionsBrowse all questions from this exam
Go to Exam

AZ-303 Exam - Question 311

HOTSPOT -

Your company runs several Windows and Linux virtual machines (VMs).

You must design a solution that implements data privacy, compliance, and data sovereignty for all storage uses in Azure. You plan to secure all Azure storage accounts by using Role-Based Access Controls (RBAC) and Azure Active Directory (Azure AD).

You need to secure the data used by the VMs.

Which solution should you use? To answer, select the appropriate solutions in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Exam AZ-303 Question 311
Show Answer
Correct Answer:
Exam AZ-303 Question 311

References:

https://docs.microsoft.com/en-us/azure/security/security-storage-overview

Discussion

4 comments
Sign in to comment
syu31svc
Aug 30, 2021

Correct answers given

Yiannisthe7th
Jul 2, 2021

Given answer is correct

tita_tovenaar
Jul 25, 2021

Correct Azure storage service encryption is mainly aimed at encrypting data on the move, entering Microsoft or leaving (second question) Disk encryption is mainly data at rest (first question) SAS tokens are relevant too, but mainly used to grant access to data points (not asked here). NSG and AD are security measures at level of network and identity, not data.

jyotish
Sep 20, 2021

Disk encryption is as it says for volume encryption, not data at rest. SSE(Storage Service Encryption or Server Side Encryption) is the encryption of data at rest. Please refer here https://docs.microsoft.com/en-us/azure/storage/common/storage-service-encryption AND https://docs.microsoft.com/en-us/azure/virtual-machines/disk-encryption-overview

rdemontis
Jul 14, 2021

Correct