Exam-Answer

Home / Microsoft / AZ-300 / Question 44

Prev Question
Next Question

Question 44

Your company is researching ways to improve data security for Windows and Linux Infrastructure-as-a-Service (IaaS) virtual machines (VM)s. You need to determine if Azure Disk Encryption (ADE) can meet the company's requirements. Choose all that apply:

Answers


Advertisement

Explanation (click to expand)

ADE is not supported for Basic tier VMs. It is supported for Standard, and Premium tier VMs. ADE supports Windows Server 2008 and later and a subset of Azure Linux images. Custom Linux images are not supported.

You must encrypt the boot volume before you can encrypt any data volumes on a Windows VM. ADE does not let you encrypt a data volume unless you first encrypt the OS volume. This is different for Linux VMs, which let you encrypt data without first encrypting the OS volume.

You cannot use an on-premises key management service to safeguard encryption keys. You are required to use Azure Key Management service. Azure Key Management service is a prerequisite for implementing ADE.

References (click to expand)

Prev Question
Next Question

Load more