A user has the appropriate privilege to see unmasked data in a column.
If the user loads this column data into another column that does not have a masking policy, what will occur?
A user has the appropriate privilege to see unmasked data in a column.
If the user loads this column data into another column that does not have a masking policy, what will occur?
When a user with the appropriate privileges to see unmasked data loads data from a column with a masking policy into another column that does not have a masking policy, the unmasked data will be loaded into the new column. This is because the user's privileges allow them to access the data without the masking applied, and since the new column lacks a masking policy, it will store the data in its unmasked form.
Definitely A. "Since a masking policy is set on the source column, a role that views unmasked column data can insert unmasked data into another column, where any role with sufficient privileges on the table or view can see the value.". Doc: https://docs.snowflake.com/en/user-guide/security-column-intro
C Use caution when inserting values from a source column that has a masking policy on the source column to a target column without a masking policy on the target column. Since a masking policy is set on the source column, a role that views unmasked column data can insert unmasked data into another column, where any role with sufficient privileges on the table or view can see the value. If a role that sees masked data in the source column inserts those values into a target column, the inserted values remain masked. https://docs.snowflake.com/en/user-guide/security-column-intro
A is correct
I copied masked vaues to anothe columns w/o masking policy. Vote for "A" option
A. Unmasked data will be loaded in the new column. Here’s why: When a user with appropriate privileges to see unmasked data loads data from a column with a masking policy into another column without a masking policy, the data loaded into the new column will be unmasked. This is because the user's privileges allow them to access the original data without the masking applied. Since the new column does not have a masking policy, it will simply store the data as it was accessed by the user, which in this case is unmasked. Therefore, the new column will contain the unmasked data regardless of the masking policy on the original column, and no additional masking will be applied to the new column unless explicitly defined.
Definitely A. "Since a masking policy is set on the source column, a role that views unmasked column data can insert unmasked data into another column, where any role with sufficient privileges on the table or view can see the value.". Doc: https://docs.snowflake.com/en/user-guide/security-column-intro
Answer is C
Answer is A and is validated
"Since a masking policy is set on the source column, a role that views unmasked column data can insert unmasked data into another column, where any role with sufficient privileges on the table or view can see the value.". Doc: https://docs.snowflake.com/en/user-guide/security-column-intro
Your explanation only confirms A as the answer
Your explanation point to A as the correct answer.