You have an Azure SQL database that contains a table named Employees. Employees contains a column named Salary.
You need to encrypt the Salary column. The solution must prevent database administrators from reading the data in the Salary column and must provide the most secure encryption.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Correct Answer:

Explanation:
Step 1: Create a column master key
Create a column master key metadata entry before you create a column encryption key metadata entry in the database and before any column in the database can be encrypted using Always Encrypted.
Step 2: Create a column encryption key.
Step 3: Encrypt the Salary column by using the randomized encryption type.
Randomized encryption uses a method that encrypts data in a less predictable manner. Randomized encryption is more secure, but prevents searching, grouping, indexing, and joining on encrypted columns.
Note: A column encryption key metadata object contains one or two encrypted values of a column encryption key that is used to encrypt data in a column. Each value is encrypted using a column master key.
Incorrect Answers:
Deterministic encryption.
Deterministic encryption always generates the same encrypted value for any given plain text value. Using deterministic encryption allows point lookups, equality joins, grouping and indexing on encrypted columns. However, it may also allow unauthorized users to guess information about encrypted values by examining patterns in the encrypted column, especially if there's a small set of possible encrypted values, such as True/False, or North/South/East/West region.
Reference:
https://docs.microsoft.com/en-us/sql/relational-databases/security/encryption/always-encrypted-database-engine

Comment: *

Name: *

Email: *

Verification: *

You need to implement authentication for ResearchDB1. The solution must meet the security and compliance
requirements.
What should you run as part of the implementation?

• A.CREATE LOGIN and the FROM WINDOWS clause
• B.CREATE USER and the FROM CERTIFICATE clause
• C.CREATE USER and the FROM LOGIN clause
• D.CREATE USER and the ASYMMETRIC KEY clause
• E.CREATE USER and the FROM EXTERNAL PROVIDER clause

Comment: *

Name: *

Email: *

Verification: *

You need to design an analytical storage solution for the transactional dat a. The solution must meet the sales transaction dataset requirements.
What should you include in the solution? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Correct Answer:

Reference:
https://rajanieshkaushikk.com/2020/09/09/how-to-choose-right-data-distribution-strategy-for-azure-synapse/

Comment: *

Name: *

Email: *

Verification: *

You have a new Azure SQL database named DB1 on an Azure SQL server named AzSQL1.
The only user who was created is the server administrator.
You need to create a contained database user in DB1 who will use Azure Active Directory (Azure AD) for authentication.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Correct Answer:

1 - Set up the Active Directory Admin for AzSQL1.
2 - Connect to DB1 by using the server administrator.
3 - Create a user by using the FROM EXTERNAL PROVIDER clause.
Reference:
https://docs.microsoft.com/en-us/sql/t-sql/statements/create-user-transact-sql

Comment: *

Name: *

Email: *

Verification: *

You have an Azure SQL managed instance.
You need to enable SQL Agent Job email notifications.
What should you do?

• A.Run the sp_configure command.
• B.Use the Agent XPs option.
• C.Run the sp set_agent properties command.
• D.Enable the SQL Server Agent.

Comment: *

Name: *

Email: *

Verification: *