Encryption At Rest — Microsoft Azure Administrator (AZ-104) Practice Questions
Encryption at rest ensures that data stored in Azure is protected from unauthorized physical access by encrypting it on disk using cryptographic keys. Azure automatically applies server-side encryption to most storage services, and AZ-104 candidates must understand the difference between platform-managed keys, customer-managed keys stored in Azure Key Vault, and customer-provided keys. The exam also tests knowledge of Azure Disk Encryption for virtual machine OS and data disks, which uses BitLocker on Windows and dm-crypt on Linux.
Free questions on encryption at rest
You are managing storage accounts for your organization. You need to ensure that all data at rest is encrypted. Which encryption option is enabled by default in Azure Storage?
Free question · medium · full answer + explanation
More encryption at rest questions in the full bank
- Your organization requires that all data be encrypted at rest. You need to implement customer-managed key encryption for a storage account. Which service provides the keys? Unlock answer & explanation →
- Your organization requires that all storage accounts must be encrypted at rest. Which Azure service provides this by default? Unlock answer & explanation →
- Your organization requires all data at rest to be encrypted. Which service ensures this? Unlock answer & explanation →