70-473 · Question #51
You are a database administrator for a retail e-commerce web application solution. Your databases for this solution are all stored in the Azure SQL Database service. You learn that compliance certific
The correct answer is C. Always Encrypted. You should use the Always Encrypted feature of Azure SQL Database. This feature enables encryption in transit, in memory, on disk (at rest) and during query processing. You should not use Transparent Data Encryption. TDE enables encryption that does not require any changes to you
Question
Options
- ARow-Level Security (RLS)
- BDynamic Data Masking
- CAlways Encrypted
- DTransparent Data Encryption (TDE)
How the community answered
(32 responses)- A16% (5)
- B6% (2)
- C75% (24)
- D3% (1)
Explanation
You should use the Always Encrypted feature of Azure SQL Database. This feature enables encryption in transit, in memory, on disk (at rest) and during query processing. You should not use Transparent Data Encryption. TDE enables encryption that does not require any changes to your applications, but the encryption is only while the data is at rest. You should not use the Row-Level Security or Dynamic Data Masking features. Neither of these features encrypts your data. Both features modify what data is visible to client applications. Case Study 4 - Relecloud (QUESTION 52 - QUESTION 58) General overview Relecloud is an international data services company that has 3,000 users. The company has a sale department a marketing department a research department and a human resources Physical location Relecloud has one office in Seattle. The company has customers through cut North America and Relecloud has most of its computing infrastructure located in a datacenter in Los Angeles. The company also has a few servers that are configured as Microsoft Azure virtual machines. Existing Environment Active Directory The network contains an active Directory forest named relecloud.com. The forest contains two domains named relecloud.com and relecloud local. The functional level of the domain is Window Each office contains five domain controllers. Each office is configured as an Active Directory site. Current business model Relecloud maintains a single Microsoft SQL Server database named Database 1. Database 1 hosts all of the data for the customers of Relecloud. Database 1 has a total of 600 GB of data. Relecloud provides data for its customers by using several method of delivery. such as comma- separated value (CSV) files and fixed-width text files. All of the files are delivered by using file Transfer protocol (FTP) or Secure FTP (SFTP). The SQL Server environment contains two on-premises servers and one server in the Azure region of US West. The Azure of US West, The Azure infrastructure contains an ExpressRoute The network contains the SQL server configured as shown in the following table. ServerDB1 and Server DB2 are members of an availability group. Problem statements Relecloud identifies several issues with its current data storage model. Multiple customers report that they have issues loading files into relational databases. Additionally, Relecloud administrators often fail to communicate with the FTP servers of the Relecloud customers. Currently, the memory and the CPU of ServerDB1 and ServerDB2 are nearly fully utilized. Relecloud plans to take a leadership role in its industry and modernize its delivery method. The company also plans to offer its customers easier access to its data. Relecloud plans to move all of its customers to a delivery model that uses Azure SQL Database and plans to maintain a single database for each customer. Relecloud plans to automate the process of creating the required infrastructure for each new customers is approximately 10 GB and has a static size. The new customers require a rapid response time to database queries and each customer has five to concurrent logins. Security requirements Relecloud identifies the following security requirements: - Customers must be able to read data only. - Customers must be able to create custom views. - Customers must be able to use two-factor authentication when accessing Azure SQL databases. Technical requirements Relecloud identifies the following technical requirements: - Database administrators must be notified when the CPU pressure of AzD801 must be able to respond to customer requests for data. Auditing requirements: - All of the requests from the stored procedures that are run against the Azure SQL databases must be logged. - All auditing information must be viewable in Microsoft Excel in Real-
Topics
Community Discussion
No community discussion yet for this question.