You are tasked with implementing data encryption for a highly sensitive dataset stored in Azure Cosmos DB. Which of the following encryption methods should you use to ensure that data is protected at rest and in motion?

Simulated

Use Azure Cosmos DB's built-in encryption at rest feature to encrypt the data automatically.

Implement client-side encryption to encrypt the data before sending it to Azure Cosmos DB and decrypt it after retrieving it.

Use Azure Key Vault to manage the encryption keys and implement Transparent Data Encryption (TDE) for Azure Cosmos DB.

Enable SSL/TLS encryption for data in motion and use Azure Cosmos DB's built-in encryption at rest feature.

Microsoft Azure Data Engineer Associate - DP-203