As a Microsoft Cybersecurity Architect, you are tasked with designing a solution for a software development company that processes personal data of children, requiring compliance with the Children's Online Privacy Protection Act (COPPA). The solution must enforce security controls within the organization's Azure environment. Considering the need for comprehensive compliance, cost-effectiveness, and scalability, which of the following approaches would BEST utilize Azure Policy to meet COPPA requirements? (Choose one option.)

Simulated

Develop custom Azure Policy definitions to mandate data encryption specifically for personal data of children stored in Azure SQL Database and Azure Storage, ensuring data protection at rest.

0.0%

Assign built-in Azure Policy initiatives to the organization's resource groups to automatically enforce a set of security controls, including access control and audit logging, which are critical for COPPA compliance.

100.0%

Implement Azure Policy to require Azure Active Directory (Azure AD) for all authentication and authorization processes involving access to personal data of children, enhancing identity security.

0.0%

Configure Azure Policy to integrate with Azure Security Center, enabling continuous monitoring and automated remediation of security vulnerabilities associated with processing personal data of children.

0.0%

Microsoft Cybersecurity Architect Expert SC-100

Comments

Get started today