[&] You manage a patient database for a health care provider in Azure.  Several columns contain sensitive data that is not used for filter, sort, or join operations.  Which of the following will provide the highest possible level of protection for this data?
- Encrypt the columns data using a deterministic key
- Save the data as a hash using an MD5 hash
- Encrypt the column data using a random key -- Correct
- Encrypt the column data using transparent data encryption

[&] Where can you store the master column encryption key?
- Azure SQL database metadata
- Key vault -- Correct
- Local certificate store -- Correct
- Storage account