You are designing a data protection strategy for Azure virtual machines. All the virtual machines are in the Standard tier and use managed disks.
You need to recommend a solution that meets the following requirements:
– The use of encryption keys is audited.
– All the data is encrypted at rest always.
– You manage the encryption keys, not Microsoft.
What should you include in the recommendation?
A . BitLocker Drive Encryption (BitLocker)
B . Azure Storage Service Encryption
C . client-side encryption
D . Azure Disk Encryption
Answer: D
Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/security/azure-security-disk-encryption-overview