Microsoft Cybersecurity Architect Expert SC-100

Get started today

Ultimate access to all questions.

Quick Answer

Answer-first summary for fast verification

Answer: Assign built-in Azure Policy initiatives to the organization's resource groups to automatically enforce a set of security controls, including access control and audit logging, which are critical for COPPA compliance.

Option B is the most effective solution because it leverages built-in Azure Policy initiatives to enforce a broad range of security controls necessary for COPPA compliance, including access control and audit logging. This approach is not only comprehensive but also cost-effective and scalable, as it utilizes existing Azure services without the need for custom development. While options A, C, and D address specific aspects of COPPA compliance, they do not provide the holistic enforcement mechanism offered by built-in initiatives in option B.

Author: LeetQuiz Editorial Team

Quick Answer

Answer-first summary for fast verification

Author: LeetQuiz Editorial Team

Comments (0)

No comments yet.

As a Microsoft Cybersecurity Architect, you are tasked with designing a solution for a software development company that processes personal data of children, requiring compliance with the Children's Online Privacy Protection Act (COPPA). The solution must enforce security controls within the organization's Azure environment. Considering the need for comprehensive compliance, cost-effectiveness, and scalability, which of the following approaches would BEST utilize Azure Policy to meet COPPA requirements? (Choose one option.)

Simulated

Develop custom Azure Policy definitions to mandate data encryption specifically for personal data of children stored in Azure SQL Database and Azure Storage, ensuring data protection at rest.

0.0%

Assign built-in Azure Policy initiatives to the organization's resource groups to automatically enforce a set of security controls, including access control and audit logging, which are critical for COPPA compliance.

100.0%

Implement Azure Policy to require Azure Active Directory (Azure AD) for all authentication and authorization processes involving access to personal data of children, enhancing identity security.

Configure Azure Policy to integrate with Azure Security Center, enabling continuous monitoring and automated remediation of security vulnerabilities associated with processing personal data of children.