ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-100 All Questions

View all questions & answers for the SC-100 exam
Go to Exam

Exam SC-100 topic 3 question 11 discussion

Actual exam question from Microsoft's SC-100
Question #: 11
Topic #: 3
[All SC-100 Questions]

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You are designing the encryption standards for data at rest for an Azure resource.
You need to provide recommendations to ensure that the data at rest is encrypted by using AES-256 keys. The solution must support rotating the encryption keys monthly.
Solution: For blob containers in Azure Storage, you recommend encryption that uses customer-managed keys (CMKs).
Does this meet the goal?

  • A. Yes
  • B. No
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by zts at Sept. 8, 2022, 8:31 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
aiczuki
8 months, 1 week ago
In addition to this question, the actual exam had a trick question that used the word "CMK" in "Solution." It's a good idea to remember the content of the question: Solution: For blob containers in Azure Storage, you recommend encryption that uses customer-managed keys (CMKs).
upvoted 1 times
...
Murtuza
1 year, 3 months ago
Unfortunately, the exact frequency of key rotation for PMKs in Azure may not be publicly disclosed.
upvoted 1 times
...
JG56
1 year, 5 months ago
in exam Nov 23, agree with zellck.
upvoted 2 times
...
zellck
1 year, 11 months ago
Selected Answer: A
A is the answer. https://learn.microsoft.com/en-us/azure/storage/common/customer-managed-keys-overview#update-the-key-version Following cryptographic best practices means rotating the key that is protecting your storage account on a regular schedule, typically at least every two years. Azure Storage never modifies the key in the key vault, but you can configure a key rotation policy to rotate the key according to your compliance requirements.
upvoted 1 times
zellck
1 year, 11 months ago
Gotten this in May 2023 exam.
upvoted 3 times
...
...
purek77
2 years, 3 months ago
Selected Answer: A
Azure Storage Service Encryption (SSE) can automatically encrypt data before it is stored, and it automatically decrypts the data when you retrieve it. The process is completely transparent to users. Storage Service Encryption uses 256-bit Advanced Encryption Standard (AES) encryption. SSE ref: https://learn.microsoft.com/en-us/azure/storage/common/storage-service-encryption Finally: Microsoft-managed keys are rotated appropriately per compliance requirements. If you have specific key rotation requirements, Microsoft recommends that you move to customer-managed keys so that you can manage and audit the rotation yourself.
upvoted 1 times
...
Rocky83
2 years, 3 months ago
Selected Answer: A
The Microsoft-managed key is rotated appropriately per compliance requirements. Note that the frequency may change without notice. Azure does not expose the logs to indicate rotation to customers. If you have specific key rotation requirements, then we recommend that you move to customer-managed keys. That way, you can manage and audit the rotation yourself.
upvoted 2 times
...
Yeero
2 years, 4 months ago
Selected Answer: A
Correct
upvoted 2 times
...
damiandeny
2 years, 5 months ago
Selected Answer: A
correct
upvoted 2 times
...
Philthetill
2 years, 7 months ago
correct
upvoted 4 times
...
zts
2 years, 7 months ago
Selected Answer: A
seems correct.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago