
Your company is developing a new web application to be hosted on Microsoft Azure. The application will handle sensitive customer data and must comply with GDPR. Considering cost, compliance, and scalability, which of the following security measures is the MOST comprehensive and appropriate to specify for the web workloads to ensure their security? (Choose one)
A
Implement only strong authentication mechanisms and data encryption, as these are sufficient for GDPR compliance.
B
Specify security requirements including secure coding practices, input validation, regular security testing, and ensure the application is designed with privacy by design principles to meet GDPR requirements.
C
Focus solely on securing the network and endpoints used to access the web application, as network security is the most critical aspect of protecting sensitive data.
D
Rely entirely on Azure's built-in security measures without implementing any additional security controls, assuming Azure's compliance certifications cover all necessary GDPR requirements.