DEA-C01 Domain 4: Data Security and Governance

A hybrid environment must support a goal to mask sensitive columns in queries without changing application code. What should you implement? mask sensitive columns in queries.

Multiple choice — select one answer

Answer choices

  1. a. Dynamic data masking in Redshift or Athena LF tags
  2. b. SSE-KMS
  3. c. Lake Formation column/row filters
  4. d. Glue connections with Secrets Manager

Architectural breakdown & explanation

Masking limits exposure of sensitive fields.

Correct answer(s): a. Dynamic data masking in Redshift or Athena LF tags

Exam domain: Domain 4: Data Security and Governance (18% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the AWS Certified Data Engineer – Associate bank. Run a full timed practice exam with domain-weighted random questions in your browser.