Smash the Microsoft Azure Fundamentals Exam 2025 – Dive into the AZ-900 Adventure!

The correct answer is the option that emphasizes Transparent Data Encryption (TDE). TDE is specifically designed to protect Azure SQL Database and Azure Data Warehouse from malicious activities by encrypting the data at rest. This ensures that sensitive information is safeguarded, even if unauthorized access to the underlying storage occurs. TDE helps to mitigate risks of data breaches and compliance violations by protecting the databases without requiring extensive application changes.

While other options also provide significant encryption benefits within Azure, they are not as directly tied to the protection of Azure SQL Database and Azure Data Warehouse specifically against malicious activity. Azure Storage Service Encryption is aimed at Azure Storage accounts, while Azure Disk Encryption pertains primarily to virtual machines. Therefore, although all these encryption methods contribute to a secure Azure environment, TDE is uniquely focused on SQL databases, making it the most relevant answer regarding the protection of Azure SQL Database and Azure Data Warehouse from threats specifically tied to data breaches.