SOL-C01 Question #246: Real Exam Question with Answer & Explanation

Question

You have a Snowflake table named `CUSTOMER DATA' with columns `CUSTOMER ID', `NAME, 'CITY, and 'TRANSACTION DATE. You need to implement a data masking policy that masks the 'NAME column for all users except those with the 'ACCOUNTADMIN' role. Additionally, you want to implement a row-level security policy that filters the data based on the `CITY column, allowing users with the 'CITY MANAGER role to only see data for their assigned city. How would you implement these policies?

Options

• ACreate a masking policy for the `NAME' column using a CASE statement that checks the
• BCreate a view on top of the 'CUSTOMER_DATA' table and implement the masking and row-level
• CCreate a masking policy using regular expressions to filter the data. Create a stored procedure to
• DCreate masking policy using the 'TRANSFORM' function to mask the 'NAME' column, and create a
• ECreate a stored procedure with 'EXECUTE AS OWNER to filter the data based on the 'CITY

Explanation

Options A and D correctly implements masking and row-level security. Option A utilizes masking policy for the 'NAME column that considers the ACCOUNTADMIN' role. And utilizes a row-level security policy (row access policy) that consider 'CITY_MANAGER and 'CITY' for filtering. Option D utilizes TRANSFORM' to transform and mask the 'NAME' column and implements row access policy which includes Mapping table between CITY and CITY_MANAGER. Option B,C, and E are incorrect as they either create a view, stored procedure and/or regular expressions, which are not the best practices of implementing masking and row-level security in Snowflake.

No community discussion yet for this question.