You are the administrator of the ACME banking group. You are responsible for security on the Azure SQL database called SQL_DB_Main. You have been tasked to ensure that all data in transit should be encrypted as well as that database administrators are not able to view sensitive information in the database. Which encryption technology should be used?
Always encrypted is correct, as this ensures encryption happens during transport and that the encryption keys are never revealed to the database engine. Transparent Data Encryption will not suffice as this is database-level encryption, which means data is protected at rest.