Microsoft Cybersecurity Architect Expert SC-100
Get started today
Ultimate access to all questions.
Comments
Loading comments...
Ultimate access to all questions.
As a Microsoft Cybersecurity Architect, you are tasked with designing a secure Azure environment for a financial services organization that must comply with the Payment Card Industry Data Security Standard (PCI DSS). The organization processes sensitive financial data and requires a solution that not only encrypts data at rest and in transit but also ensures that access to this data is strictly controlled and monitored. Additionally, the solution must be scalable to accommodate future growth and must not incur unnecessary costs. Given these requirements, which of the following solutions BEST addresses the organization's needs by implementing strong authentication and authorization controls, while also considering cost and scalability? (Choose one option.)
A
Implement Azure Disk Encryption for all virtual machines to ensure that sensitive financial data is encrypted at rest, and use Azure Firewall to monitor and control incoming and outgoing network traffic.
B
Configure Azure Private Link for all Azure services to ensure private connectivity and data residency, and implement Azure DDoS Protection to safeguard against distributed denial-of-service attacks.
C
Utilize Azure Key Vault to manage encryption keys and secrets, applying the principle of least privilege for access, and deploy Azure Monitor to track access and changes to sensitive data.
D
Implement Azure Active Directory (Azure AD) Conditional Access policies to enforce multi-factor authentication and device compliance for accessing sensitive financial data, and use Azure Policy to enforce organizational standards and assess compliance at scale.