Azure Cosmos DB Database for Storing Intake Forms
Question
Note: This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated goals.
Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it.
As a result, these questions will not appear in the review screen.
You are developing a medical records document management website.
The website is used to store scanned copies of patient intake forms.
If the stored intake forms are downloaded from storage by a third party, the contents of the forms must not be compromised.
You need to store the intake forms according to the requirements.
Solution: 1
Create an Azure Cosmos DB database with Storage Service Encryption enabled.
2
Store the intake forms in the Azure Cosmos DB database.
Does the solution meet the goal?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B.B.
Instead use an Azure Key vault and public key encryption.
Store the encrypted from in Azure Storage Blob storage.
The given solution proposes to create an Azure Cosmos DB database with Storage Service Encryption enabled and to store the intake forms in it.
Azure Cosmos DB is a globally distributed, multi-model database service that allows storing and retrieving data from multiple data models and APIs. It provides multiple data consistency levels, partitioning, and replication to ensure high availability and performance. Additionally, Azure Cosmos DB provides built-in encryption for data at rest through Storage Service Encryption.
Storage Service Encryption is a feature of Azure Storage that automatically encrypts data before persisting it to storage and decrypts it when retrieved. The encryption is transparent to the application, meaning that the application does not need to perform any encryption or decryption operations.
The proposed solution of storing the intake forms in an Azure Cosmos DB database with Storage Service Encryption enabled can meet the stated goal of ensuring that the contents of the forms are not compromised when downloaded by a third party.
By using Storage Service Encryption, the data is automatically encrypted before being stored in the database, and it remains encrypted when accessed or downloaded by any unauthorized party. This helps to prevent any unauthorized access or exposure of sensitive data. Additionally, Azure Cosmos DB provides built-in access control and authentication mechanisms to restrict access to the data only to authorized users.
Therefore, the proposed solution meets the stated goal and the correct answer is A. Yes.
