Explanation:
The requirement calls for masking sensitive data from end users while allowing partial visibility to functional managers. Dynamic data masking (Option B) is the optimal solution as it enables role-based masking policies where different user roles can see different levels of data - end users see masked data while functional managers can see partial/unmasked data based on their roles. This is confirmed by the community discussion where B has 100% consensus and upvoted comments explain how masking policies can be implemented for different roles. Option A (data encryption) protects data at rest but doesn't provide granular visibility control. Option C (secure materialized views) could work but is more complex and costly as noted in one comment. Option D (revoke all roles) would break functionality rather than provide partial visibility.
Ultimate access to all questions.
No comments yet.
A Snowflake Administrator needs to ensure that sensitive corporate data in Snowflake tables is masked from end users, but remains partially visible to functional managers.
How can this requirement be met?
A
Use data encryption.
B
Use dynamic data masking.
C
Use secure materialized views.
D
Revoke all roles for functional managers and end users.