Answer: Dynamic Data Masking, External Tokenization

The question asks for the two features that comprise Snowflake's column-level security. Based on the community discussion and Snowflake documentation, Dynamic Data Masking (B) and External Tokenization (C) are the correct answers. Dynamic Data Masking uses masking policies to selectively mask plain-text data in columns at query time, while External Tokenization tokenizes data before loading and detokenizes it at query runtime using masking policies with external functions. The community consensus strongly supports BC (100% agreement), with multiple comments citing official documentation and emphasizing these are column-level (not row-level) security features. Options A (Continuous Data Protection), D (Key pair authentication), and E (Row access policies) are incorrect as they relate to other security aspects: CDP is for data recovery, key pair authentication is for user access control, and row access policies are for row-level (not column-level) security.

Author: LeetQuiz Editorial Team