Azure Storage Key Encryption for Secure Email Communication | SC-400 Exam Solution

Encrypting Azure Storage Keys for Secure Email Communication

Question

Note: This question is part of a series of questions that present the same scenario.

Each question in the series contains a unique solution that might meet the stated goals.

Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it.

As a result, these questions will not appear in the review screen.

You recently discovered that the developers at your company emailed Azure Storage keys in plain text to third parties.

You need to ensure that when Azure Storage keys are emailed, the emails are encrypted.

Solution: You create a data loss prevention (DLP) policy that has only the Exchange email location selected.

Does this meet the goal?

Answers

Explanations


A. Yes

B. No

B.

The solution presented in the question is not sufficient to meet the stated goal of ensuring that Azure Storage keys are encrypted when emailed.

The solution involves creating a data loss prevention (DLP) policy that has only the Exchange email location selected. This would mean that the DLP policy only applies to emails sent from Exchange, but it does not ensure that the content of the email, including Azure Storage keys, is encrypted.

To ensure that Azure Storage keys are encrypted when emailed, a more comprehensive solution is required. One possible solution would be to configure Azure Information Protection (AIP) to automatically classify and protect sensitive data, including Azure Storage keys. This can be done by creating AIP labels that apply protection to emails containing sensitive data. When an email is sent that contains an Azure Storage key, the AIP label is applied, and the email content is encrypted automatically.

In addition to AIP, other solutions may include implementing secure methods for sharing keys such as Azure Key Vault or Azure Active Directory.

Therefore, the correct answer to the question is B. No, the presented solution does not meet the goal of ensuring that Azure Storage keys are encrypted when emailed.
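
Automatic classification of the kind described above depends on recognising a storage key in the message body. The following Python detector is an added example, not part of the original page and not Microsoft's classifier: it relies on the fact that a storage account key is 64 bytes encoded as 88 base64 characters. The function names, the `examplestore` account name and the encrypt/send decision are hypothetical.

```python
import base64
import re

# A storage account key is 64 random bytes, base64-encoded: 86 characters plus "==".
_KEY = r"[A-Za-z0-9+/]{86}=="
_CONN_STRING = re.compile(r"AccountKey\s*=\s*(" + _KEY + r")")
# Bare key: must not be a slice of a longer base64 run (for example an attachment).
_BARE = re.compile(r"(?<![A-Za-z0-9+/=])(" + _KEY + r")(?![A-Za-z0-9+/=])")


def _is_canonical_key(token):
    """True if the token decodes to 64 bytes and re-encodes to the same text."""
    try:
        raw = base64.b64decode(token, validate=True)
    except ValueError:
        return False
    return len(raw) == 64 and base64.b64encode(raw).decode() == token


def find_storage_keys(body):
    """Return (confidence, redacted_key) pairs for key-shaped strings in a body."""
    findings = {}
    for confidence, pattern in (("high", _CONN_STRING), ("low", _BARE)):
        for match in pattern.finditer(body):
            token = match.group(1)
            if _is_canonical_key(token) and token not in findings:
                findings[token] = confidence
    # Never log the secret itself: keep only a short prefix for triage.
    return [(conf, tok[:4] + "...") for tok, conf in findings.items()]


def outbound_action(body):
    """Hypothetical policy decision: encrypt when a key is found, else send."""
    return "encrypt" if find_storage_keys(body) else "send"


# Constructed sample data: the key is a fixed byte pattern, not a real credential.
SAMPLE_KEY = base64.b64encode(bytes(range(64))).decode()
SAMPLE_WITH_KEY = (
    "Hi, here is the connection string:\n"
    "DefaultEndpointsProtocol=https;AccountName=examplestore;"
    "AccountKey=" + SAMPLE_KEY + ";EndpointSuffix=core.windows.net\n"
)
SAMPLE_CLEAN = "Hi, the container is ready. Ask me for access via the portal.\n"

if __name__ == "__main__":
    print(outbound_action(SAMPLE_WITH_KEY), find_storage_keys(SAMPLE_WITH_KEY))
    print(outbound_action(SAMPLE_CLEAN))
```

A bare 88-character match is reported with low confidence because other base64 data can have the same shape; the `AccountKey=` prefix is what makes a match high confidence.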