Home » Microsoft » 70-475 v.2 » What should you use?
You have an application that displays from a Microsoft Azure SQL database. The database contains credit card numbers.
You need to ensure that the application only displays the last four digits of each credit card number when a credit card number is returned from a query. The solution must NOT require any changes to the data in the database.
What should you use?
A. Dynamic Data Masking
B. cell-level security
C. Transparent Data Encryption (TDE)
D. row-level security
Correct Answer: A
Explanation/Reference:
Dynamic Data Masking can be used to hide or obfuscate sensitive data, by controlling how the data appears in the output of database queries.
Dynamic Data Masking rules can be defined on particular columns, indicating how the data in those columns will appear when queried. There are no physical changes to the data in the database itself; the data remains intact and is fully available to authorized users or applications. Database operations remain unaffected, and the masked data has the same data type as the original data, so DDM can often be applied without making any changes to database procedures or application code.
References:
https://blogs.technet.microsoft.com/dataplatforminsider/2016/01/25/use-dynamic-data-masking-to-obfuscate-your-sensitive-data/