Answer-first summary for fast verification
Answer: Specify security requirements including secure coding practices, input validation, regular security testing, and ensure the application is designed with privacy by design principles to meet GDPR requirements.
The most comprehensive approach involves specifying security requirements that include secure coding practices, input validation, and regular security testing, alongside designing the application with privacy by design principles to ensure GDPR compliance. While Azure provides robust security measures, it is essential to implement application-specific security controls to address potential vulnerabilities and ensure the protection of sensitive customer data. Relying solely on Azure's security measures or focusing only on network security does not provide a holistic security posture for the web application.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
Your company is developing a new web application to be hosted on Microsoft Azure. The application will handle sensitive customer data and must comply with GDPR. Considering cost, compliance, and scalability, which of the following security measures is the MOST comprehensive and appropriate to specify for the web workloads to ensure their security? (Choose one)
A
Implement only strong authentication mechanisms and data encryption, as these are sufficient for GDPR compliance.
B
Specify security requirements including secure coding practices, input validation, regular security testing, and ensure the application is designed with privacy by design principles to meet GDPR requirements.
C
Focus solely on securing the network and endpoints used to access the web application, as network security is the most critical aspect of protecting sensitive data.
D
Rely entirely on Azure's built-in security measures without implementing any additional security controls, assuming Azure's compliance certifications cover all necessary GDPR requirements.