What is a weakness of Transparent Data Encryption (TDE) in Azure SQL Database?

Experience Level: Senior

Tags: Azure CloudAzure SQL Database

Answer

TDE protects only data at rest. When data is loaded into memory, it is decrypted and accessible to administrators (DBAs) and can be used by all roles and applications that have access to the database. So if there are any sensitive data in columns that need to be protected from administrator roles and remain encrypted in memory, Transparent Data Encryption (TDE) won't help you.

What is a difference between deterministic and randomized encryption when you use Always Encrypted feature of Azure SQL Database?

Azure CloudAzure SQL Database Senior

You use Always Encrypted feature of Azure SQL Database. When the encryption keys are used, are they revealed to the database engine?

Azure CloudAzure SQL Database Senior

How can you remediate non-compliant resources with Azure Policy?

Azure CloudAzure Policy Senior

You need to configure Azure Policy to ensure that Azure SQL databases have Transparent Data Encryption (TDE) enabled. What steps will you do?

Azure CloudAzure PolicyAzure SQL Database Senior

Your app that is running on Azure VM must be using managed identity. What endpoint should it use to obtain access token?

Azure CloudAzure Virtual Machines Senior

No Comments Yet.
Be the first to tell us what you think.

Azure SQL Database

Are you learning Azure Cloud ? Try our test we designed to help you progress faster.

Test yourself

AZ-304 Microsoft Azure Architect Design Preparation