Data Engineering Data Governance and Security Questions and Answers

Question 1

A data engineering team is setting up access permissions for a new data lake containing sensitive customer information.
The requirement is to grant access based on a combination of an employee's department (e.g., 'Sales', 'Marketing'), their seniority level (e.g., 'Analyst', 'Manager'), and the data's sensitivity classification.
Access rights must be dynamic and reflect changes in an employee's role or data classification without manual intervention.
Which access control model is most suitable for this requirement?

Accepted Answer

Attribute-Based Access Control (ABAC)

Answer

Discretionary Access Control (DAC)

Answer

Mandatory Access Control (MAC)

Answer

Role-Based Access Control (RBAC)

Question 2

A data engineer needs to provide a dataset to a third-party analytics vendor. The dataset contains user email addresses and phone numbers, which must be protected. The requirement is to replace these sensitive fields with irreversible, unique identifiers to prevent re-identification of individuals, while still allowing the vendor to count unique users. Which data protection technique should be used?

Accepted Answer

Anonymization using a cryptographic hash function

Answer

Encryption at Rest

Answer

Data Masking with Shuffling

Answer

Data Virtualization

Question 3

In a mature data governance framework, which of the following roles is primarily responsible for the day-to-day management of a specific data domain, including defining data quality rules and ensuring compliance with policies for that domain?

Accepted Answer

Data Steward

Answer

Chief Data Officer (CDO)

Answer

Data Engineer

Answer

Data Custodian

Question 4

A financial services company's compliance department is auditing a critical regulatory report and discovers a discrepancy in a key metric. To investigate, they need to trace the metric back through all the transformations and data pipelines to its original source systems. What data governance capability is essential for this investigation?

Accepted Answer

Data Lineage

Answer

Master Data Management (MDM)

Answer

Data Cataloging

Answer

Data Encryption

Question 5

A data engineer is working for a healthcare provider in the United States and is building a pipeline to process patient records containing Protected Health Information (PHI). Which of the following regulations is the primary compliance framework they must adhere to when handling this data?

Accepted Answer

HIPAA (Health Insurance Portability and Accountability Act)

Answer

GDPR (General Data Protection Regulation)

Answer

CCPA (California Consumer Privacy Act)

Answer

SOX (Sarbanes-Oxley Act)

Question 6

A data engineering team is establishing a data quality program. They are focusing on ensuring that all customer records in their data warehouse contain a valid state and ZIP code, as these fields are mandatory for shipping analysis. Which dimension of data quality are they primarily addressing?

Accepted Answer

Completeness

Answer

Accuracy

Answer

Timeliness

Answer

Uniqueness