Home › Azure AZ-500 › cloudcomputing › az500compstoragedb › Which Azure SQL feature should a security engine…
Which Azure SQL feature should a security engineer enable to obscure sensitive column values (e.g. show '****-****-****-1234' for card numbers) to non-privileged users at query time?
ADisabling row-level security
BDynamic Data Masking
CAzure Cache for Redis
DAzure DNS
Answer & Solution
Correct answer: B. Dynamic Data Masking
Dynamic Data Masking applies query-time field obfuscation (per AZ-500 §3 SQL masking). The other options aren't masking.
Related questions
Which Azure Storage feature should a security engineer enable to require all reads/writes Which Azure VM security feature lets a security engineer require all data passing between Which Azure SQL feature lets a security engineer enable Microsoft Entra ID-based DB loginsWhich Azure SQL Database feature should a security engineer recommend to encrypt sensitiveWhich Azure SQL Database feature should a security engineer enable to encrypt data at restWhich Azure storage feature lets a security engineer generate a TIME-LIMITED, scope-bound Which Azure storage authentication option should a security engineer prefer over shared-keWhich Azure storage feature should a security engineer use to PROTECT BLOBS from accidenta