Note: This questions is part of a series of questions that use the same or similar answer choices. An answer choice may be correct for more than one question-in the series. Each question-is independent of the other questions in this series.
Information and details provided in a question-apply only to that question.
Your company has several Microsoft Azure SQL Database instances.
Data encryption should be allowed to be implemented by the client applications that access the data. Encryption keys should not be made available to the database engine.
You need to configure the database.
What should you implement?
A. transport-level encryption
B. cell-level encryption
C. Transparent Data Encryption
D. Always Encrypted
E. Encrypting File System
F. BitLocker
G. dynamic data masking
I think the correct answer here is D “Always Encrypted”.
With TLE you have a certificate in the server (deployed or self-signed) which is used by the SQL server to establish the encrypted connection. This does not meet the requirements of (1), Encryption by the client (2) SQL Server not have the encryption key