Answer-first summary for fast verification
Answer: Enable SSL/TLS encryption for data in motion and use Azure Cosmos DB's built-in encryption at rest feature.
Option D is the correct answer. Enabling SSL/TLS encryption for data in motion ensures that the data is protected during transmission. Additionally, using Azure Cosmos DB's built-in encryption at rest feature ensures that the data is encrypted when stored. Option A is incorrect because it only addresses encryption at rest. Option B is incorrect because client-side encryption can be complex to implement and manage. Option C is incorrect because Azure Key Vault can be used to manage encryption keys, but TDE is not applicable to Azure Cosmos DB.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
You are tasked with implementing data encryption for a highly sensitive dataset stored in Azure Cosmos DB. Which of the following encryption methods should you use to ensure that data is protected at rest and in motion?
A
Use Azure Cosmos DB's built-in encryption at rest feature to encrypt the data automatically.
B
Implement client-side encryption to encrypt the data before sending it to Azure Cosmos DB and decrypt it after retrieving it.
C
Use Azure Key Vault to manage the encryption keys and implement Transparent Data Encryption (TDE) for Azure Cosmos DB.
D
Enable SSL/TLS encryption for data in motion and use Azure Cosmos DB's built-in encryption at rest feature.