Home › Azure AZ-500 › cloudcomputing › az500compstoragedb › Which Azure Storage feature should a security en…
Which Azure Storage feature should a security engineer enable to require all reads/writes to use HTTPS + TLS — rejecting plaintext HTTP API calls?
ADisabling TLS entirely
BPublic-anonymous read
CSecure transfer required (storage account property + Azure Policy 'Storage accounts should use a secure transfer for connections')
DAzure DNS
Answer & Solution
Correct answer: C. Secure transfer required (storage account property + Azure Policy 'Storage accounts should use a secure transfer for connections')
Secure-transfer-required + Policy enforcement is the canonical pattern (per AZ-500 §3 storage TLS). The others are insecure.
Related questions
Which Azure VM security feature lets a security engineer require all data passing between Which Azure SQL feature lets a security engineer enable Microsoft Entra ID-based DB loginsWhich Azure SQL feature should a security engineer enable to obscure sensitive column valuWhich Azure SQL Database feature should a security engineer recommend to encrypt sensitiveWhich Azure SQL Database feature should a security engineer enable to encrypt data at restWhich Azure storage feature lets a security engineer generate a TIME-LIMITED, scope-bound Which Azure storage authentication option should a security engineer prefer over shared-keWhich Azure storage feature should a security engineer use to PROTECT BLOBS from accidenta