Dynamic Data Masking in Azure SQL

Questions and Answers

What is the primary purpose of Dynamic Data Masking (DDM)?

To programmatically manage data masking policies and rules

To grant or revoke permissions for accessing unmasked data (correct)

To flag sensitive database fields for potential masking

To apply various masking functions to database fields

Which of the following is NOT a supported operation in the Dynamic Data Masking REST API?

Manage data masking rules

Provision new database instances (correct)

Configure permissions for data masking

Manage data masking policies

Which of the following is a built-in role that can be used to configure Dynamic Data Masking?

Security Manager

There are no built-in roles for configuring Dynamic Data Masking (correct)

Database Administrator

Data Steward

What is the purpose of the UNMASK permission in Dynamic Data Masking?

To grant or revoke access to view unmasked data

Which of the following steps is required to apply data masking to a database column using the Dynamic Data Masking portal?

Select the appropriate masking function

What is the primary benefit of using Dynamic Data Masking with Microsoft Entra authentication?

It provides a granular way to control access to unmasked data

What does dynamic data masking in Azure SQL Database help prevent?

Unauthorized access to sensitive data

How does dynamic data masking impact the application layer?

Minimal effect on the application layer

Where can a dynamic data masking policy be set up in Azure SQL Database?

Azure Portal under Security in SQL Database configuration pane

What is an example of how dynamic data masking can be used for confidentiality?

Masking all the email addresses in query results

Why might a service representative at a call center only see partial email addresses using dynamic data masking?

To identify a caller without revealing sensitive information

What feature helps hide sensitive data in the result set of a query over designated database fields?

Dynamic data masking