Email Encryption for Azure Storage Keys
Question
Note: This question is part of a series of questions that present the same scenario.
Each question in the series contains a unique solution that might meet the stated goals.
Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it.
As a result, these questions will not appear in the review screen.
You recently discovered that the developers at your company emailed Azure Storage keys in plain text to third parties.
You need to ensure that when Azure Storage keys are emailed, the emails are encrypted.
Solution: You create a data loss prevention (DLP) policy that has all locations selected.
Does this meet the goal?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B.B.
The solution provided in the question is not sufficient to meet the stated goal of ensuring that when Azure Storage keys are emailed, the emails are encrypted.
Creating a data loss prevention (DLP) policy with all locations selected means that the policy will apply to all data in all locations, including email messages, attachments, files, and other types of data. The purpose of this policy is to prevent sensitive data from leaving the organization's network by detecting and blocking messages that contain sensitive information.
However, while a DLP policy can help prevent sensitive data from being sent in plain text, it does not provide encryption for emails. Encryption is the process of encoding a message in a way that only authorized parties can read it. In the case of email encryption, the message is encrypted before it is sent, and the recipient must have the decryption key to read the message.
To ensure that Azure Storage keys are emailed securely, the company should implement email encryption. This can be done using various encryption technologies, such as S/MIME or PGP. These technologies provide end-to-end encryption, which means that the message is encrypted on the sender's device, transmitted securely over the internet, and decrypted only on the recipient's device.
In summary, the solution provided in the question does not meet the goal of ensuring that Azure Storage keys are emailed securely. The company needs to implement email encryption to ensure that messages containing sensitive information are protected from unauthorized access.
