Designing Azure Infrastructure Solutions — Question 111

You plan to deploy an app that will use an Azure Storage account.
You need to deploy the storage account. The storage account must meet the following requirements:
✑ Store the data for multiple users.
✑ Encrypt each user's data by using a separate key.
✑ Encrypt all the data in the storage account by using customer-managed keys.
What should you deploy?

Answer options

• A. files in a premium file share storage account
• B. blobs in a general purpose v2 storage account
• C. blobs in an Azure Data Lake Storage Gen2 account
• D. files in a general purpose v2 storage account

Correct answer: B

Explanation

The correct answer is B, as a general purpose v2 storage account supports the required features of user-based encryption with separate keys and allows for customer-managed keys for encryption. Options A and D do not support the necessary encryption functionalities for multiple users with separate keys, while option C, though capable of handling blobs, does not specifically meet the requirement for customer-managed keys in the same way as the general purpose v2 storage account.