You are securing an Azure Data Lake Storage Gen2 account that contains sensitive data. Which TWO of the following should you implement to protect data from unauthorized access?
ACLs allow granular permissions at the file and directory level.
Why this answer
Option A is correct because private endpoints ensure data traffic does not traverse the public internet. Option C is correct because ACLs provide fine-grained access control at the directory/file level. Option B is wrong because cross-origin resource sharing (CORS) is for web applications, not security.
Option D is wrong because a default ACL of 'read' for all authenticated users would grant broad access. Option E is wrong because large file shares are for Azure Files, not ADLS Gen2.