Which encryption method is recommended for data in transit to Azure services?

  1. HTTPS with TLS 1.2 or higher ✓
  2. Proprietary Azure encryption protocol
  3. FTP with basic authentication
  4. Plain text over HTTP

Correct answer: HTTPS with TLS 1.2 or higher

Option A is correct because HTTPS over TLS 1.2 or higher is the Microsoft recommended standard for protecting data in transit to Azure services, and many Azure services now require a minimum of TLS 1.2 to negotiate a connection. TLS 1.2 and above provide strong industry vetted cipher suites, certificate based server authentication, and forward secrecy, while older protocols such as TLS 1.0 and 1.1 are deprecated. Option B is wrong because Azure does not rely on a secret proprietary protocol; it uses open standardized TLS, and proprietary security through obscurity is an anti pattern. Option C is wrong because FTP transmits both credentials and data in clear text and basic authentication offers no transport encryption, so it cannot protect data in transit. Option D is wrong because plain text over HTTP sends data completely unencrypted, exposing it to interception and tampering, which is the opposite of a secure recommendation.

Topic: · tls, https, data in transit, azure security

Practice Microsoft Azure Security Engineer (AZ-500) Questions Free