Suspicious user activity with sensitive data (user not privileged)

The Security incidents: Suspicious user activity with sensitive data (user not privileged) policy identifies situations where an unauthorized user tries to access sensitive data.

The Security incidents:Suspicious user activity with sensitive data policy contains the following rules:
Identify access to sensitive data by unauthorized user
This rule configures the server to detect when an unauthorized user accesses a table that contains sensitive data.
Generate security incident exception
This rule generates an exception message in the Security Incident report when an unauthorized database user attempts to access the sensitive data.