DP300 Topic 2 Quiz 3
Professional Development
•22 Qs
Similar activities
Evaluación sobre Data Warehouse y Datos Inteligentes
Professional Development
•20 Qs
SQL part 2
Professional Development
•24 Qs
TSQL - Basico
Professional Development
•20 Qs
[AI-900] Simulado para Certificação "A"
Professional Development
•27 Qs
[AI-900] Módulo 04.01 - Processamento de Linguagem Natural
Professional Development
•18 Qs
Emerging Trends in Cloud Computing!
Professional Development
•18 Qs
ICT 06 - Day 2
Professional Development
•17 Qs
Data Type
University - Professional Development
•20 Qs
DP300 Topic 2 Quiz 3
Quiz
•
Computers
•
Professional Development
•
Hard
Faith Muwishi
Used 5+ times
FREE Resource
22 questions
Show all answers
1.
MULTIPLE SELECT QUESTION
45 sec • 3 pts
You have a new Azure SQL database. The database contains a column that stores confidential information.
You need to track each time values from the column are returned in a query. The tracking information must be stored for 365 days from the date
the query was executed.
Which three actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Turn on auditing and write audit logs to an Azure Storage account.
B. Add extended properties to the column.
C. Turn on auditing and write audit logs to an Event Hub
D. Apply sensitivity labels named Highly Confidential to the column.
E. Turn on Azure Defender for SQL
Answer explanation
Correct Answer: ADE
D: You can apply sensitivity-classification labels persistently to columns by using new metadata attributes that have been added to the SQL
Server database engine. This metadata can then be used for advanced, sensitivity-based auditing and protection scenarios.
A: An important aspect of the information-protection paradigm is the ability to monitor access to sensitive data. Azure SQL Auditing has been
enhanced to include a new field in the audit log called data_sensitivity_information. This field logs the sensitivity classifications (labels) of the
data that was returned by a query. E: Enable Microsoft Defender for Azure SQL Database at the subscription level from Microsoft Defender for Cloud.
Note: Microsoft Defender for SQL is a unified package for advanced SQL security capabilities. Microsoft Defender for Cloud is available for
Azure SQL Database,
Azure SQL Managed Instance, and Azure Synapse Analytics.
2.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
You have an Azure virtual machine named VM1 on a virtual network named VNet1. Outbound traffic from VM1 to the internet is blocked.
You have an Azure SQL database named SqlDb1 on a logical server named SqlSrv1.
You need to implement connectivity between VM1 and SqlDb1 to meet the following requirements:
✑ Ensure that all traffic to the public endpoint of SqlSrv1 is blocked.
✑ Minimize the possibility of VM1 exfiltrating data stored in SqlDb1.
What should you create on VNet1?
A. a VPN gateway
B. a service endpoint
C. a private link
D. an ExpressRoute gateway
Answer explanation
Correct Answer: C
Azure Private Link enables you to access Azure PaaS Services (for example, Azure Storage and SQL Database) and Azure hosted customerowned/
partner services over a private endpoint in your virtual network.
Traffic between your virtual network and the service travels the Microsoft backbone network. Exposing your service to the public internet is no
longer necessary.
3.
MULTIPLE SELECT QUESTION
45 sec • 2 pts
You have 40 Azure SQL databases, each for a different customer. All the databases reside on the same Azure SQL Database server.
You need to ensure that each customer can only connect to and access their respective database.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. Implement row-level security (RLS).
B. Create users in each database.
C. Configure the database firewall
D. Configure the server firewall.
E. Create logins in the master database.
4.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
You have an Azure virtual machine named VM1 on a virtual network named VNet1. Outbound traffic from VM1 to the internet is blocked.
You have an Azure SQL database named SqlDb1 on a logical server named SqlSrv1.
You need to implement connectivity between VM1 and SqlDb1 to meet the following requirements:
✑ Ensure that VM1 cannot connect to any Azure SQL Server other than SqlSrv1.
✑ Restrict network connectivity to SqlSrv1.
What should you create on VNet1?
A. a VPN gateway
B. a service endpoint
C. a private link
D. an ExpressRoute gateway
Answer explanation
Correct Answer: C
Azure Private Link enables you to access Azure PaaS Services (for example, Azure Storage and SQL Database) and Azure hosted customerowned/
partner services over a private endpoint in your virtual network.
Traffic between your virtual network and the service travels the Microsoft backbone network. Exposing your service to the public internet is no
longer necessary.
5.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
You are developing an application that uses Azure Data Lake Storage Gen 2.
You need to recommend a solution to grant permissions to a specific application for a limited time period.
What should you include in the recommendation?
A. role assignments
B. account keys
C. shared access signatures (SAS)
D. Azure Active Directory (Azure AD) identities
6.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
You are designing an enterprise data warehouse in Azure Synapse Analytics that will contain a table named Customers. Customers will contain
credit card information.
You need to recommend a solution to provide salespeople with the ability to view all the entries in Customers. The solution must prevent all the
salespeople from viewing or inferring the credit card information.
What should you include in the recommendation?
A. row-level security
B. data masking
C. Always Encrypted
D. column-level security
Answer explanation
Correct Answer: B
Azure SQL Database, Azure SQL Managed Instance, and Azure Synapse Analytics support dynamic data masking. Dynamic data masking limits
sensitive data exposure by masking it to non-privileged users.
The Credit card masking method exposes the last four digits of the designated fields and adds a constant string as a prefix in the form of a
credit card.
7.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
You have a data warehouse in Azure Synapse Analytics.
You need to ensure that the data in the data warehouse is encrypted at rest.
What should you enable?
A. Transparent Data Encryption (TDE)
B. Advanced Data Security for this database
C. Always Encrypted for all columns
D. Secure transfer required
Answer explanation
Correct Answer: A
Transparent data encryption (TDE) helps protect Azure SQL Database, Azure SQL Managed Instance, and Azure Synapse Analytics against the
threat of malicious offline activity by encrypting data at rest.
Create a free account and access millions of resources
Similar Resources on Wayground
20 questions
AZ-900 Day 4 Azure Cost Management & Compliance
Quiz
•
Professional Development
20 questions
Database Basics
Quiz
•
Professional Development
20 questions
DBMS ST Jan 2025
Quiz
•
Professional Development
18 questions
Az-104 Implement and manage Azure storage
Quiz
•
Professional Development
22 questions
MySql conceptos basicos
Quiz
•
Professional Development
20 questions
SQL Programming Revision
Quiz
•
Professional Development
20 questions
Synergy BCA | Chapter 5
Quiz
•
Professional Development
17 questions
AZ-900 Practice Test 8
Quiz
•
Professional Development
Popular Resources on Wayground
20 questions
Brand Labels
Quiz
•
5th - 12th Grade
10 questions
Ice Breaker Trivia: Food from Around the World
Quiz
•
3rd - 12th Grade
25 questions
Multiplication Facts
Quiz
•
5th Grade
20 questions
ELA Advisory Review
Quiz
•
7th Grade
15 questions
Subtracting Integers
Quiz
•
7th Grade
22 questions
Adding Integers
Quiz
•
6th Grade
10 questions
Multiplication and Division Unknowns
Quiz
•
3rd Grade
10 questions
Exploring Digital Citizenship Essentials
Interactive video
•
6th - 10th Grade