DEA-C01 Data Security and Governance • Set 12
DEA-C01 Data Security and Governance Practice Test 12 — 15 questions with explanations. Free, no signup.
A data engineer is designing a data pipeline that ingests customer data from an on-premises database into Amazon S3. The data contains personally identifiable information (PII). The company policy requires that all PII be masked before it is stored in S3. The pipeline uses AWS DMS for migration and AWS Glue for transformation. The engineer needs to ensure that the masking is applied consistently and that no unmasked data is written to S3. The engineer has set up DMS to replicate data to an S3 bucket, and then a Glue job reads from S3, applies masking, and writes to another S3 bucket. However, there is a risk that unmasked data in the first S3 bucket could be accessed before the Glue job runs. What should the engineer do to mitigate this risk?