Administering Relational Databases on Microsoft Azure — Question 11

You have a SQL pool in Azure Synapse that contains a table named dbo.Customers. The table contains a column name Email.
You need to prevent nonadministrative users from seeing the full email addresses in the Email column. The users must see values in a format of[email protected]instead.
What should you do?

Answer options

• A. From the Azure portal, set a mask on the Email column.
• B. From the Azure portal, set a sensitivity classification of Confidential for the Email column.
• C. From Microsoft SQL Server Management Studio, set an email mask on the Email column.
• D. From Microsoft SQL Server Management Studio, grant the SELECT permission to the users for all the columns in the dbo.Customers table except Email.

Correct answer: A

Explanation

Setting a mask on the Email column allows for dynamic data masking, which obfuscates the email addresses for nonadministrative users while still allowing them to access the data in a masked format. The sensitivity classification does not alter the visibility of the data, and granting SELECT permission to all columns except Email would not provide the required masked format for the email addresses.