A company uses Azure Table Storage to store user session data. The data must be encrypted at rest. What should you do?
Azure Storage automatically encrypts all data.
Why this answer
Azure Table Storage, as part of Azure Storage, automatically encrypts all data at rest using Azure Storage Service Encryption (SSE) with 256-bit AES encryption. This encryption is enabled by default for all new and existing storage accounts, including Table Storage, and cannot be disabled. Therefore, no additional action is required to meet the encryption-at-rest requirement.
Exam trap
The trap here is that candidates may think encryption at rest requires explicit configuration (like enabling SSE or TDE), not realizing that Azure Storage encrypts all data at rest by default, making options B, C, and D unnecessary or incorrect for this specific scenario.
How to eliminate wrong answers
Option B is wrong because Azure Storage Service Encryption (SSE) is already enabled by default for all Azure Storage accounts, including Table Storage; explicitly enabling it is unnecessary and redundant. Option C is wrong because Transparent Data Encryption (TDE) is a feature specific to Azure SQL Database and SQL Server, not applicable to Azure Table Storage, which is a non-relational, key-value store. Option D is wrong because client-side encryption is an optional, additional layer of security for scenarios requiring end-to-end encryption, but it is not required to achieve encryption at rest, which is already handled server-side by Azure Storage by default.