A data engineer is tasked with restricting access to certain sensitive columns in a table for specific users and ensuring that only authorized users can view rows based on their assigned warehouse ID. The company also wants to apply dynamic data masking to hide sensitive personal information. Which features should the data engineer use to implement this requirement in Amazon Redshift? (Choose TWO.)