A financial services company is planning to migrate its sensitive financial data to Microsoft Azure. The company is particularly concerned about ensuring data security, encryption, and compliance with stringent financial regulations such as GDPR and SOX. According to Microsoft Azure's shared responsibility model, which of the following statements accurately delineate the responsibilities between Microsoft Azure (the cloud provider) and the company (the cloud customer)? Choose the BEST two options that apply. (Choose two)

Simulated

Microsoft Azure is responsible for the physical security of the data centers, including access controls and environmental protections. The company is responsible for configuring network security groups, managing data encryption both at rest and in transit, and ensuring that all data handling practices comply with relevant financial regulations.

100.0%

Once data is uploaded to Microsoft Azure, the cloud provider assumes full responsibility for all aspects of data security, including encryption, access control, and compliance with financial regulations, relieving the company of any further obligations.

0.0%

The company must encrypt all data before uploading it to the cloud. After encryption, Microsoft Azure takes over all responsibilities related to data security and compliance, including managing encryption keys and ensuring regulatory compliance.

0.0%

Microsoft Azure offers a range of tools and services designed to facilitate data encryption and compliance with regulations. However, the company is responsible for selecting, implementing, and managing these tools to protect its data and meet regulatory requirements.

0.0%

Microsoft Azure is solely responsible for all security measures once the company's data is stored in the cloud, including the enforcement of compliance with financial regulations, without any need for the company to take additional actions.

Microsoft Azure Fundamentals AZ-900

Get started today

Comments