Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Snowflake Exam ARA-C01 Topic 3 Question 21 Discussion

Actual exam question for Snowflake's ARA-C01 exam
Question #: 21
Topic #: 3
[All ARA-C01 Questions]

Consider the following scenario where a masking policy is applied on the CREDICARDND column of the CREDITCARDINFO table. The masking policy definition Is as follows:

Sample data for the CREDITCARDINFO table is as follows:

NAME EXPIRYDATE CREDITCARDNO

JOHN DOE 2022-07-23 4321 5678 9012 1234

if the Snowflake system rotes have not been granted any additional roles, what will be the result?

Show Suggested Answer Hide Answer
Suggested Answer: D

The masking policy defined in the image indicates that if a user has the PI_ANALYTICS role, they will be able to see the last 4 characters of the CREDITCARDNO column data in clear text. Otherwise, they will see 'MASKED'. Since Snowflake system roles have not been granted any additional roles, they won't have the PI_ANALYTICS role and therefore cannot view the last 4 characters of credit card numbers.

To apply a masking policy on a column in Snowflake, you need to use the ALTER TABLE ... ALTER COLUMN command or the ALTER VIEW command and specify the policy name. For example, to apply the creditcardno_mask policy on the CREDITCARDNO column of the CREDITCARDINFO table, you can use the following command:

ALTER TABLE CREDITCARDINFO ALTER COLUMN CREDITCARDNO SET MASKING POLICY creditcardno_mask;

For more information on how to create and use masking policies in Snowflake, you can refer to the following resources:

CREATE MASKING POLICY: This document explains the syntax and usage of the CREATE MASKING POLICY command, which allows you to create a new masking policy or replace an existing one.

Using Dynamic Data Masking: This guide provides instructions on how to configure and use dynamic data masking in Snowflake, which is a feature that allows you to mask sensitive data based on the execution context of the user.

ALTER MASKING POLICY: This document explains the syntax and usage of the ALTER MASKING POLICY command, which allows you to modify the properties of an existing masking policy.


Contribute your Thoughts:

Lisbeth
6 months ago
I'm not sure, but I think the answer might be B. The table owner will see the CREDITCARDNO data in clear text.
upvoted 0 times
...
Pamella
6 months ago
I disagree, I believe the answer is D. Those with the Pl_ANALYTICS role will see the CREDITCARDNO column as 'MASKED'.
upvoted 0 times
...
Arleen
6 months ago
I think the answer is A. The sysadmin can see the CREDITCARDNO data in clear text.
upvoted 0 times
...
Fannie
6 months ago
No, the sysadmin will still see the masked data unless they have additional roles.
upvoted 0 times
...
Tom
6 months ago
But what about the sysadmin? Do you think they will see the data in clear text?
upvoted 0 times
...
Stephen
7 months ago
I agree with Fannie, the masking policy clearly states that the last 6 characters will be masked.
upvoted 0 times
...
Fannie
7 months ago
I think the answer is D) Anyone with the Pl_ANALYTICS role will see the CREDICARDND column as 'MASKED'.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77