DRAG DROP You have SQL Server 2019 on an Azure virtual machine that contains an SSISDB database. A recent failure causes the master database to be lost. You discover that all Microsoft SQL Server integration Services (SSIS) packages fail to run on the virtual machine. Which four actions should you perform in sequence to resolve the issue? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct. 
Yeah this matches what I've seen. Start by attaching SSISDB, then open the master key, re-encrypt DMK with the service master key (since you lost master db), finally set TRUSTWORTHY and CLR options. Pretty sure that's the right sequence after a master db loss, but if anyone's restored in prod and did it differently, let me know.
- Attach the SSISDB database
- Open the master key for the SSISDB database
- Encrypt a copy of the master key by using the service master key
- Turn on the TRUSTWORTHY property and the CLR property
Not totally sure but I’d put it as: Attach SSISDB, Open master key, Encrypt DMK with service master key, then turn on TRUSTWORTHY and CLR. I thought you need to enable TDE at some point too, but most docs show this order after a master db loss. Little fuzzy on step 3 though. Anyone see issues?
- Attach the SSISDB database
- Open the master key for the SSISDB database
- Encrypt a copy of the master key by using the service master key
- Turn on the TRUSTWORTHY property and the CLR property
I get why B is tempting since service endpoints can secure traffic from the vnet, but I think C is closer because only Private Link fully blocks public endpoint access on SqlSrv1. Still a bit unsure here, could be overthinking it.
