The development team asks you to provision an Azure storage account for their use. To remain in compliance with IT security policy, you need to ensure that the new Azure storage account meets the following requirements:
- Data must be encrypted at rest.
- Access keys must facilitate automatic rotation.
- The company must manage the access keys.
What should you do?
1) Configure the storage account to store its keys in Azure Key Vault.
2) Create a service endpoint between the storage account and a virtual network (VNet).
3) Require secure transfer for the storage account.
4) Enable Storage Service Encryption (SSE) on the storage account.