Microsoft Cybersecurity Architect Expert SC-100
Get started today
Ultimate access to all questions.
Comments
Loading comments...
Ultimate access to all questions.
As a Microsoft Cybersecurity Architect, you are consulting for a retail organization that operates in California and processes a significant amount of customer data. The organization must comply with the California Consumer Privacy Act (CCPA), which mandates strict data privacy and security controls. The organization's Azure environment hosts this data, and they need a solution that not only enforces these controls but also provides scalability and cost-effectiveness. Given these requirements, which of the following approaches would BEST utilize Azure Policy to ensure compliance with CCPA while addressing the organization's constraints? Choose one option.
A
Develop and implement custom Azure Policy definitions tailored to the organization's specific data classification and labeling needs, ensuring sensitive customer data is accurately identified and protected across all Azure services.
B
Assign built-in Azure Policy initiatives that encompass data privacy and security best practices, such as enforcing data encryption at rest and in transit, implementing strict access controls, and adhering to data retention policies, to all relevant resource groups within the Azure environment.
C
Configure Azure Policy to continuously monitor and audit data processing activities, generating detailed compliance reports that can be used to demonstrate adherence to CCPA requirements to regulators and stakeholders.
D
Leverage Azure Policy in conjunction with Azure Monitor and Azure Security Center to establish a comprehensive monitoring, alerting, and automated remediation framework for detecting and addressing data privacy and security incidents in real-time.