Databricks Certified Data Engineer - Professional
Get started today
Ultimate access to all questions.
In a scenario where you are tasked with implementing a secure and scalable solution to control access to sensitive data in a dataset based on user roles within an Azure SQL Database, which of the following techniques would be the MOST appropriate? Consider the need for minimal maintenance, compliance with data protection regulations, and the ability to dynamically adjust access as roles evolve. Choose the best option from the following:
In a scenario where you are tasked with implementing a secure and scalable solution to control access to sensitive data in a dataset based on user roles within an Azure SQL Database, which of the following techniques would be the MOST appropriate? Consider the need for minimal maintenance, compliance with data protection regulations, and the ability to dynamically adjust access as roles evolve. Choose the best option from the following:
Explanation:
Option C is the most appropriate because it combines the use of dynamic data masking (DDM) and row-level security (RLS) to provide a flexible, scalable, and secure solution. DDM ensures that sensitive data is masked unless the user has the appropriate permissions, while RLS dynamically filters rows based on the user's role, which is stored in a separate table. This approach minimizes maintenance, as role changes only require updates to the role membership table, and complies with data protection regulations by ensuring users only access data they are authorized to see. It also supports dynamic adjustment of access as roles evolve, without the need for manual updates to views or RLS policies.