Which statement about the Data Masking transformation is true?

The Data Masking transformation is designed to enhance data security by applying specific masking rules to the data rather than altering the original data itself. This allows organizations to protect sensitive information by making it unreadable or disguised while still maintaining its overall structure and usability for analysis and test purposes. The correct statement regarding the Data Masking transformation is that it modifies source data based on configurable masking rules.

These rules determine how the data will be masked, whether by obscuring certain characters, replacing data with fake values, or employing other strategies to hide sensitive information. This configurability is essential, as it allows organizations to tailor their data masking processes according to their specific security needs and compliance requirements.

The other options do not accurately capture the primary function of the Data Masking transformation. It does not solely mask without altering appearance, nor is it focused on maintaining relationships and referential integrity in the sense of not altering data relationships. While Data Masking can be considered transformative in its ability to change data for privacy reasons, it is not classified as an active transformation in the same way others might apply complex rules and change data structures. Instead, it emphasizes data security through masking while allowing the characteristics and integrity of the data format to remain for further use.