Which encryption method should you use?

You have an Azur« subscription that contains a virtual machine named VM1 and an Azure key vault named KV1.

You need to configure encryption for VM1.

The solution must meet the following requirements:

• Store and use the encryption key in KV1.

• Maintain encryption if VM1 is downloaded from Azure.

• Encrypt both the operating system disk and the data disks.

Which encryption method should you use?
A . encryption at host
B . customer-managed keys
C . Azure Disk Encryption
D . Confidential disk encryption

Answer: C

Explanation:

Azure Disk Encryption is a service that helps you encrypt your Windows and Linux IaaS virtual machine disks1. It uses BitLocker for Windows and DM-Crypt for Linux to provide volume encryption for the OS and data disks2. Azure Disk Encryption requires that you use a key encryption key in Azure Key Vault to encrypt the volume encryption key, which is then stored on the disk. You can use either a service-managed key or a customer-managed key in Azure Key Vault3. Azure Disk Encryption also supports encrypting virtual machine disks that are downloaded from Azure4.

Latest AZ-104 Dumps Valid Version with 416 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments