Answer-first summary for fast verification
Answer: Configure Delta Lake's built-in encryption feature for the table, set up fine-grained access controls, and use data masking for additional protection where necessary.
The best approach combines Delta Lake's built-in encryption for data at rest, which ensures that the data is securely stored, with fine-grained access controls to restrict data access based on user roles, and data masking to provide an additional layer of security for sensitive data when accessed. This multi-layered security strategy complies with GDPR and other privacy regulations by protecting data at rest and in use, while still allowing authorized users to perform necessary analytics. Options A, B, and C each provide a part of the solution but do not comprehensively address all the requirements together as effectively as option D.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
In your role as a data engineer at a financial institution, you are tasked with ensuring that a Delta table containing highly sensitive customer information is protected in compliance with GDPR and other data privacy regulations. The solution must not only secure the data but also maintain its accessibility for authorized analytics. Considering the need for encryption at rest, role-based access control, and data masking, which of the following approaches BEST meets these requirements? Choose the single best option.
A
Enable Transparent Data Encryption (TDE) on the Delta table to encrypt data at rest without requiring changes to the application.
B
Implement column-level encryption for sensitive fields, ensuring that only users with the decryption key can view the data.
C
Apply dynamic data masking to the Delta table, which obscures sensitive data in query results based on user permissions.
D
Configure Delta Lake's built-in encryption feature for the table, set up fine-grained access controls, and use data masking for additional protection where necessary.
No comments yet.