Scenario: I am connecting to my Azure SQL db(Paas) instance from my laptop using SQL management studio.
What I read so far from the internet is that Azure SQL Db only allows encrypted connections, so wish to double check my findings and also undertand more if someone has good answers.
Are my queries and the result data encrypted in transport here.
Yes. From this link:
All connections to Azure SQL Database require encryption (SSL/TLS) at all times while data is "in transit" to and from the database. In your application's connection string, you must specify parameters to encrypt the connection and not to trust the server certificate (this is done for you if you copy your connection string out of the Azure Classic Portal), otherwise the connection will not verify the identity of the server and will be susceptible to "man-in-the-middle" attacks. For the ADO.NET driver, for instance, these connection string parameters are Encrypt=True and TrustServerCertificate=False.
What are other security concerns/steps I should be taking care of here?
Not specifically for man-in-the-middle attacks, but you should consider setting Firewall Rules properly so that users only from certain IP addresses can access your database.
I would strongly recommend reading this document for securing access to your Azure SQL Databases: https://learn.microsoft.com/en-us/azure/sql-database/sql-database-security-overview.