Summary and knowledge check

Completed

In this module, you learned about how Microsoft 365 encrypts data-at-rest and in-transit, securely manages encryption keys, and provides key management options to customers to meet their business needs and compliance obligations.

Now that you have completed this module, you should be able to:

• Explain how encryption mitigates the risk of unauthorized data disclosure.
• Describe Microsoft data-at-rest and data-in-transit encryption solutions.
• Explain how Microsoft 365 implements service encryption to protect customer data at the application layer.
• Understand the differences between Microsoft managed keys and customer-managed keys for use with service encryption.

Check your knowledge

1.

Which of the following is a benefit of encryption?

It is always legally required.

It helps mitigate the impact of data theft.

It renders data permanently unreadable.

It meets all access control requirements.

2.

If a customer has stringent encryption requirements for key management that mandate keys are rolled every year, which of the following Microsoft 365 features should the customer use?

Microsoft Managed Keys

Availability key

Customer Key

3.

Which of the following statements is accurate?

Files sent between users in Microsoft Purview are encrypted using BitLocker.

Microsoft 365 uses service encryption to encrypt customer data at the application layer.

Microsoft utilizes a third party’s certificate authority to manage all certificates used for TLS encryption.

You must answer all questions before checking your work.