AP21110011107 CDM Assignment-7
AP21110011107 CDM Assignment-7
AP21110011126
• Definition: TDE is a method that encrypts the entire database, including data files, backups,
and logs, at rest without altering how applications access the database.
• How It Works: It encrypts the data at the storage level using encryption keys. When data is
read from the disk, it is automatically decrypted for the user. Similarly, any data written back
to the disk is encrypted.
Purpose: It protects against unauthorized access to data at rest, ensuring that even if
physical access to database files is obtained, the data remains secure.
• Definition: Dynamic Data Masking obscures sensitive data in real-time by masking it when
queried by non-privileged users.
• How It Works: It provides a way to create a mask for specific fields, such as credit card
numbers, social security numbers, etc. When data is retrieved by a user without the required
permissions, the data appears in a masked form (e.g., replacing digits with 'X' or '*').
Purpose: This helps protect sensitive data from being exposed to unauthorized users while
allowing applications to access data as needed.
1. Create a Table:
FullName NVARCHAR(100),
);
2. Insert Data:
VALUES