
Answer-first summary for fast verification
Answer: column-level security
## Detailed Explanation

### **Column-Level Security (Option A)**

- **Optimal Choice**: Column-level security is specifically designed to restrict access to specific columns in a table based on user or group permissions. In Azure Synapse Analytics dedicated SQL pools, you can implement column-level security using `GRANT` and `DENY` permissions on individual columns.
- **Implementation**: You would create a security policy that denies `SELECT` permissions on the email address column for the specific user group while allowing access to other columns.
- **Why It Works**: This approach directly addresses the requirement by preventing the specified group from reading email addresses while maintaining their access to other data in the table.

### **Why Other Options Are Less Suitable**

#### **Row-Level Security (RLS) - Option B**

- RLS filters rows based on user context but does not restrict access to specific columns. It operates at the row level, not the column level.
- **Limitation**: Even with RLS implemented, users who can access rows would still be able to see all columns in those rows, including email addresses.

#### **Transparent Data Encryption (TDE) - Option C**

- TDE provides encryption for data at rest but does not control access to specific columns during query execution.
- **Limitation**: Authorized users with proper permissions can still read decrypted data, including email addresses, when querying the table.

#### **Dynamic Data Masking - Option D**

- Dynamic data masking obscures sensitive data in query results but does not prevent access to the actual data.
- **Limitation**: While it masks the display of email addresses, users with sufficient privileges can still access the unmasked data through other means or by bypassing the masking rules.

### **Best Practice Considerations**

- Column-level security provides the most granular control for column-specific access restrictions in Azure Synapse Analytics.
- This approach aligns with the principle of least privilege by granting users only the access they need to perform their duties.
- Column-level security policies are enforced at the database engine level, providing robust protection regardless of the application or tool used to access the data.
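
The following T-SQL is an added example, not part of the original answer key. It shows the allow-list form of column-level security on `dbo.Users`, followed by a verification and an audit query. The column names (`UserId`, `DisplayName`, `Email`), the role `RestrictedReaders` and the test user `restricted_analyst` are assumptions made for illustration.

```sql
-- Added example. Assumed (hypothetical) names: columns UserId, DisplayName,
-- Email; role RestrictedReaders; test user restricted_analyst.

-- 1. A role that represents the restricted group, plus a test member.
CREATE ROLE RestrictedReaders;
CREATE USER restricted_analyst WITHOUT LOGIN;
EXEC sp_addrolemember 'RestrictedReaders', 'restricted_analyst';

-- 2. Grant SELECT only on the columns the group may read. Email is left out,
--    so the role has no permission to read it.
--    This only restricts the group if its members hold no table-level SELECT
--    on dbo.Users through another role (for example db_datareader).
GRANT SELECT ON dbo.Users (UserId, DisplayName) TO RestrictedReaders;

-- 3. Verify as the restricted principal (run each statement on its own).
EXECUTE AS USER = 'restricted_analyst';
SELECT UserId, DisplayName FROM dbo.Users;   -- succeeds
SELECT Email FROM dbo.Users;                 -- fails: SELECT denied on column Email
SELECT * FROM dbo.Users;                     -- fails as well, because * includes Email
REVERT;

-- 4. Audit: list every column-level permission recorded on dbo.Users.
--    For object permissions (class = 1), minor_id holds the column id;
--    table-level permissions have minor_id = 0 and are excluded by the join.
SELECT pr.name          AS principal_name,
       c.name           AS column_name,
       p.permission_name,
       p.state_desc
FROM sys.database_permissions AS p
JOIN sys.database_principals  AS pr
  ON pr.principal_id = p.grantee_principal_id
JOIN sys.columns              AS c
  ON c.object_id = p.major_id
 AND c.column_id = p.minor_id
WHERE p.class = 1
  AND p.major_id = OBJECT_ID('dbo.Users');
```

Applications that issue `SELECT *` on behalf of the restricted group will start failing once the grant is in place, so their queries need an explicit column list.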
Author: LeetQuiz Editorial Team
You have an Azure Synapse Analytics dedicated SQL pool containing a table named dbo.Users. You need to prevent a specific group of users from being able to read the email addresses from the dbo.Users table.
What should you use?
A. column-level security
B. row-level security (RLS)
C. Transparent Data Encryption (TDE)
D. dynamic data masking