Microsoft Azure Security Engineer Associate AZ-500 Practice Question
Your company stores personally identifiable information in an Azure SQL Database. Compliance rules state that the data must be encrypted at rest, in transit, and while it is processed on the server, and that neither database administrators nor Microsoft support engineers can read plaintext values. The application must still perform equality searches on the sensitive columns with minimal code changes. Which Azure SQL feature should you recommend?
Row-level security
Always Encrypted configured with deterministic encryption
Always Encrypted encrypts designated columns in the client driver before the data reaches Azure SQL Database. Because the encryption keys never leave the client application, the database engine, administrators, and Microsoft personnel cannot view the plaintext data. Using deterministic encryption allows the service to evaluate equality predicates, so existing queries such as WHERE Column = @value continue to work with little or no code change. Transparent Data Encryption protects files and backups on disk only, leaving data visible to anyone who can query the database. Dynamic Data Masking merely obfuscates query results and can be bypassed by privileged users. Row-level security restricts which rows a user can access but does not encrypt the data. Therefore, Always Encrypted with deterministic encryption is the only feature that meets every requirement.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
How does Always Encrypted ensure that encryption keys never leave the client application?
Open an interactive chat with Bash
What is deterministic encryption and how does it enable equality searches?
Open an interactive chat with Bash
What are the limitations of Transparent Data Encryption compared to Always Encrypted?
Open an interactive chat with Bash
Microsoft Azure Security Engineer Associate AZ-500
Secure compute, storage, and databases
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .