Microsoft Cybersecurity Architect Expert SC-100

Get started today

Ultimate access to all questions.

Quick Answer

Answer-first summary for fast verification

Answer: Assign built-in Azure Policy initiatives that encompass data privacy and security best practices, such as enforcing data encryption at rest and in transit, implementing strict access controls, and adhering to data retention policies, to all relevant resource groups within the Azure environment.

Option B is the most effective solution because it leverages built-in Azure Policy initiatives, which are designed to enforce a wide range of data privacy and security best practices out of the box. This approach ensures compliance with CCPA requirements efficiently, without the need for extensive custom development, thereby addressing the organization's need for scalability and cost-effectiveness. While options A, C, and D offer valuable capabilities, they either require additional customization or focus on aspects of compliance that are complementary rather than foundational, making option B the best choice for the organization's primary compliance needs.

Author: LeetQuiz Editorial Team

Quick Answer

Answer-first summary for fast verification

Author: LeetQuiz Editorial Team

Comments (0)

No comments yet.

As a Microsoft Cybersecurity Architect, you are consulting for a retail organization that operates in California and processes a significant amount of customer data. The organization must comply with the California Consumer Privacy Act (CCPA), which mandates strict data privacy and security controls. The organization's Azure environment hosts this data, and they need a solution that not only enforces these controls but also provides scalability and cost-effectiveness. Given these requirements, which of the following approaches would BEST utilize Azure Policy to ensure compliance with CCPA while addressing the organization's constraints? Choose one option.

Simulated

Develop and implement custom Azure Policy definitions tailored to the organization's specific data classification and labeling needs, ensuring sensitive customer data is accurately identified and protected across all Azure services.

0.0%

Assign built-in Azure Policy initiatives that encompass data privacy and security best practices, such as enforcing data encryption at rest and in transit, implementing strict access controls, and adhering to data retention policies, to all relevant resource groups within the Azure environment.

100.0%

Configure Azure Policy to continuously monitor and audit data processing activities, generating detailed compliance reports that can be used to demonstrate adherence to CCPA requirements to regulators and stakeholders.

Leverage Azure Policy in conjunction with Azure Monitor and Azure Security Center to establish a comprehensive monitoring, alerting, and automated remediation framework for detecting and addressing data privacy and security incidents in real-time.