ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-100 All Questions

View all questions & answers for the SC-100 exam
Go to Exam

Exam SC-100 topic 4 question 42 discussion

Actual exam question from Microsoft's SC-100
Question #: 42
Topic #: 4
[All SC-100 Questions]

You have an Azure subscription that contains multiple Azure Data Lake Storage accounts.

You need to recommend a solution to encrypt the content of the accounts by using service-side encryption and customer-managed keys. The solution must ensure that individual encryption keys are applied at the most granular level.

At which level should you recommend the encryption be applied?

  • A. file
  • B. container
  • C. folder
  • D. account
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by 676ae1a at Feb. 2, 2025, 10:43 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
SOC123
1 month, 3 weeks ago
Selected Answer: B
https://learn.microsoft.com/en-us/azure/storage/common/storage-service-encryption#about-encryption-key-management You can specify a customer-provided key on Blob Storage operations. A client making a read or write request against Blob Storage can include an encryption key on the request for granular control over how blob data is encrypted and decrypted. For more information about customer-provided keys, see Provide an encryption key on a request to Blob Storage.
upvoted 2 times
...
6c0ca3d
2 months, 1 week ago
Selected Answer: B
not supported encription for files so the correct response could be B
upvoted 2 times
...
424ede1
3 months, 2 weeks ago
Selected Answer: A
You can specify a customer-managed key to use for encrypting and decrypting data in Blob Storage and in Azure Files. A client making read write request against Blob Storage (or File) can include an encryption key on the request for granular control over blob encryption. https://docs.azure.cn/en-us/storage/common/storage-service-encryption#about-encryption-key-management
upvoted 1 times
...
Ali96
5 months ago
Selected Answer: B
For Azure Data Lake Storage, encryption can be applied at multiple levels, but the container level is the most granular supported for customer-managed keys (CMK).
upvoted 2 times
...
Er_01
5 months, 1 week ago
Selected Answer: A
https://learn.microsoft.com/en-us/azure/storage/common/storage-service-encryption It says you can scope it to container or individual blob. However a blob can contain files but it depends on if blob = file. If yes, then A, if no then B. Blobs generally contain files for various purposes but does this make it a file in this context. If A was blob, that is fair. This version is not fair and misleading.
upvoted 1 times
...
sweetykaur
5 months, 1 week ago
Selected Answer: A
A. file level. By applying service-side encryption with customer-managed keys (CMKs) at the file level, you can ensure that each file can have its own unique encryption key, providing the highest level of granularity and security for your data
upvoted 3 times
...
jim85
5 months, 2 weeks ago
Selected Answer: B
B looks good, as per https://learn.microsoft.com/en-us/azure/storage/common/storage-service-encryption
upvoted 2 times
...
Ali96
5 months, 2 weeks ago
Selected Answer: B
container is the correct option since encryption keys are managed at this level and can be applied to all files within the container.
upvoted 1 times
...
676ae1a
5 months, 2 weeks ago
Selected Answer: A
Proporciona el nivel más granular de control sobre el cifrado de datos
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel