Answer-first summary for fast verification
Answer: Leveraging Azure Key Vault for centralized key management, integrating with Databricks to use customer-managed keys (CMK) for all data at rest, with automated rotation policies
1. **Centralized Key Management**: Azure Key Vault offers a secure, centralized location for encryption keys, minimizing risks associated with key exposure or loss. 2. **Customer-Managed Keys (CMK)**: Provides the institution with complete control over their encryption keys, essential for meeting compliance requirements. 3. **Automated Rotation Policies**: Enhances security by regularly updating encryption keys, reducing unauthorized access risks and ensuring regulatory compliance. 4. **Flexibility**: The integration between Azure Key Vault and Databricks allows for efficient key management, including rotation and access monitoring, without compromising compliance. This approach optimally balances security, compliance, and flexibility in a regulated financial environment.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
In a stringent regulatory environment, a financial institution utilizes Azure Databricks for data analytics. Which strategy for managing encryption keys for data at rest ensures compliance while offering flexibility?
A
Implementing an on-premises Hardware Security Module (HSM) to store keys, with a custom interface for Databricks to access these keys over a secure connection
B
Using default Databricks managed keys for encryption, assuming compliance based on Databricks‘ security certifications
C
Leveraging Azure Key Vault for centralized key management, integrating with Databricks to use customer-managed keys (CMK) for all data at rest, with automated rotation policies
D
Storing encryption keys within Databricks notebooks as variables for easy access and manual rotation by data engineers
No comments yet.