Microsoft Cybersecurity Architect Expert SC-100
Get started today
Ultimate access to all questions.
As a Microsoft Cybersecurity Architect, you are tasked with designing a secure Azure environment for a financial services organization that must comply with the Payment Card Industry Data Security Standard (PCI DSS). The organization processes sensitive financial data and requires a solution that not only encrypts data at rest and in transit but also ensures that access to this data is strictly controlled and monitored. Additionally, the solution must be scalable to accommodate future growth and must not incur unnecessary costs. Given these requirements, which of the following solutions BEST addresses the organization's needs by implementing strong authentication and authorization controls, while also considering cost and scalability? (Choose one option.)
As a Microsoft Cybersecurity Architect, you are tasked with designing a secure Azure environment for a financial services organization that must comply with the Payment Card Industry Data Security Standard (PCI DSS). The organization processes sensitive financial data and requires a solution that not only encrypts data at rest and in transit but also ensures that access to this data is strictly controlled and monitored. Additionally, the solution must be scalable to accommodate future growth and must not incur unnecessary costs. Given these requirements, which of the following solutions BEST addresses the organization's needs by implementing strong authentication and authorization controls, while also considering cost and scalability? (Choose one option.)
Explanation:
Option D is the most comprehensive solution that addresses the organization's needs by enforcing strong authentication and authorization controls through Azure AD Conditional Access policies, which are crucial for PCI DSS compliance. It also leverages Azure Policy for scalable compliance management, ensuring that the solution is both cost-effective and scalable. While options A, B, and C provide important security measures, they do not fully meet the requirement for strong access control measures as comprehensively as Option D.