Which combination best supports governance and access control in Fabric data assets?

Effective governance and access control across Fabric data assets come from a layered approach that covers who can access data, what actions they can perform, and how data is observed and protected. RBAC defines roles and permissions at scale, while ACLs per asset enforce granular controls for individual assets. MFA strengthens authentication beyond a password. Conditional access applies risk- and context-based rules to access requests. Data lineage provides visibility into data origins and transformations, enabling auditing and impact analysis. Data masking protects sensitive values, allowing broader access for analysis without exposing sensitive data. Put together, these elements deliver both strict access control and solid governance by integrating identity, authorization, policy context, data provenance, and data protection. Options that omit monitoring, lineage, or masking, or overspecify external sources, don’t offer the same level of governance across Fabric data assets.