AZ-500 Secure compute, storage, and databases • Set 15
AZ-500 Secure compute, storage, and databases Practice Test 15 — 15 questions with explanations. Free, no signup.
You work for a financial institution that uses Azure Cosmos DB with API for NoSQL to store transaction data. The security requirements mandate: (1) All data at rest must be encrypted using customer-managed keys (CMK) stored in Azure Key Vault. (2) The encryption keys must be automatically rotated every 60 days. (3) Network access to the Cosmos DB account must be restricted to only specific virtual networks. (4) Access to the keys must be logged and monitored. (5) The Cosmos DB account must be configured to use private endpoints. You have configured the Cosmos DB account with CMK and private endpoints. However, after setting up automatic key rotation in Key Vault, the Cosmos DB account starts returning 403 (Forbidden) errors for some requests. What is the most likely cause?