Dynamic data masking helps prevent unauthorized access to sensitive data by enabling customers to designate how much of the sensitive data to reveal with minimal impact on the application layer. DDM can be configured on the database to hide sensitive data as the result sets of queries over designated database fields, while the data in the database is not changed.
Blog | Jul 21, 2016
Always Encrypted is a feature designed to protect sensitive data, such as credit card numbers or national identification numbers (e.g. US social security numbers), stored in SQL Server databases. Always Encrypted allows clients to encrypt sensitive data inside client applications and never reveal the encryption keys to SQL Server.
Blog | Feb 26, 2014
The Tempdb system database is similar to other user databases except that it doesn’t persist after SQL server shuts down; which implies that with every restart the tempdb gets recreated and is copied from a model database.