AZ-500 • Practice Exam 65
Free AZ-500 practice exam — 20 questions with explanations. Set 65. No signup required.
Your organization runs a critical application on Azure Virtual Machines (VMs) that processes credit card transactions. Compliance with PCI DSS requires that all cardholder data be encrypted at rest and that the encryption keys be stored in a FIPS 140-2 Level 3 validated hardware security module (HSM). You have chosen to use Azure Disk Encryption with customer-managed keys stored in Azure Key Vault Managed HSM. During a security review, you discover that the VMs are using unmanaged disks. You need to migrate them to managed disks without downtime and ensure that encryption is applied. You also need to maintain the existing encryption keys and ensure that the encryption set is in the same region as the VMs. What should you do?