You are responsible for securing Azure SQL Managed Instance. You need to ensure that only encrypted connections are allowed and that all client connections use the latest TLS protocol. Which TWO configurations should you implement?
Forces clients to use TLS 1.2 or higher.
Why this answer
Options A and C are correct. Enforcing TLS 1.2 ensures only encrypted connections using that protocol are accepted. Setting 'Force SSL' to 'Enabled' (or 'On') ensures all connections use encryption.
Option B is incorrect because TDE encrypts data at rest, not in transit. Option D is incorrect because firewall rules control network access, not encryption. Option E is incorrect because Microsoft Defender for SQL provides threat detection.