ExamGecko
Search Search Login
Home Home / Snowflake / ADA-C01
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

In general, the monthly billing for database replication is proportional to which variables? (Select TWO).
A Snowflake Administrator is investigating why a query is not re-using the persisted result cache. The Administrator found the two relevant queries from the SNOWFLAKE. ACCOUNT_USAGE. QUERY_HISTORY view: Why is the second query re-scanning micro-partitions instead of using the first query's persisted result cache?
A Snowflake account is configured with SCIM provisioning for user accounts and has bi-directional synchronization for user identities. An Administrator with access to SECURITYADMIN uses the Snowflake UI to create a user by issuing the following commands: use role USERADMIN; create or replace role DEVELOPER_ROLE; create user PTORRES PASSWORD = 'hello world!' MUST_CHANGE_PASSWORD = FALSE default_role = DEVELOPER_ROLE; The new user named PTORRES successfully logs in, but sees a default role of PUBLIC in the web UI. When attempted, the following command fails: use DEVELOPER_ROLE; Why does this command fail?
If the query matches the definition, will Snowflake always dynamically rewrite the query to use a materialized view?
A Snowflake Administrator created a role ROLE_MANAGED_ACCESS and a schema SCHEMA_MANAGED_ACCESS as follows: USE ROLE SECURITYADMIN; CREATE ROLE ROLE_MANAGED_ACCESS; GRANT ROLE ROLE_MANAGED_ACCESS TO ROLE SYSADMIN; GRANT USAGE ON WAREHOUSE COMPUTE_WH TO ROLE ROLE_MANAGED_ACCESS; GRANT ALL privileges ON DATABASE WORK TO ROLE ROLE_MANAGED_ACCESS; USE ROLE ROLE_MANAGED_ACCESS; CREATE SCHEMA SCHEMA_MANAGED_ACCESS WITH MANAGED ACCESS; USE ROLE SECURITYADMIN; GRANT SELECT, INSERT ON FUTURE TABLES IN SCHEMA SCHEMA MANAGED ACCESS to ROLE_MANAGED_ACCESS; The Administrator now wants to disable the managed access on the schema. How can this be accomplished?
What are characteristics of data replication in Snowflake? (Select THREE).
A Snowflake Administrator needs to set up Time Travel for a presentation area that includes facts and dimensions tables, and receives a lot of meaningless and erroneous loT data. Time Travel is being used as a component of the company's data quality process in which the ingestion pipeline should revert to a known quality data state if any anomalies are detected in the latest load. Data from the past 30 days may have to be retrieved because of latencies in the data acquisition process. According to best practices, how should these requirements be met? (Select TWO).
Which statement allows this user to access this Snowflake account from a specific IP address (192.168.1.100) while blocking their access from anywhere else?
What roles can be used to create network policies within Snowflake accounts? (Select THREE).
What is a characteristic of Snowflake's transaction locking and concurrency modeling?

Question 12 - ADA-C01 discussion

Report
Export

What is required for stages, without credentials, to limit data exfiltration after a storage integration and associated stages are created?

A.
ALTER ACCOUNT my_account SET REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_CREATION = true; ALTER ACCOUNT my_account SET REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_OPERATION = true; ALTER ACCOUNT my_account SET PREVENT_UNLOAD_TO_INLINE_URL = false;
Answers
A.
ALTER ACCOUNT my_account SET REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_CREATION = true; ALTER ACCOUNT my_account SET REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_OPERATION = true; ALTER ACCOUNT my_account SET PREVENT_UNLOAD_TO_INLINE_URL = false;
B.
ALTER ACCOUNT my_account SET REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_CREATION = false; ALTER ACCOUNT my_account SET REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_OPERATION = false; ALTER ACCOUNT my_account SET PREVENT_UNLOAD_TO_INLINE_URL = true;
Answers
B.
ALTER ACCOUNT my_account SET REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_CREATION = false; ALTER ACCOUNT my_account SET REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_OPERATION = false; ALTER ACCOUNT my_account SET PREVENT_UNLOAD_TO_INLINE_URL = true;
C.
ALTER ACCOUNT my_account SET REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_CREATION = false; ALTER ACCOUNT my_account SET REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_OPERATION = false; ALTER ACCOUNT my_account SET PREVENT_UNLOAD_TO_INLINE_URL = false;
Answers
C.
ALTER ACCOUNT my_account SET REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_CREATION = false; ALTER ACCOUNT my_account SET REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_OPERATION = false; ALTER ACCOUNT my_account SET PREVENT_UNLOAD_TO_INLINE_URL = false;
D.
ALTER ACCOUNT my_account SET REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_CREATION = true; ALTER ACCOUNT my_account SET REQUIRE_STORAGE_INTEGRATION FOR STAGE_OPERATION = true; ALTER ACCOUNT my_account SET PREVENT_UNLOAD_TO_INLINE_URL = true;
Answers
D.
ALTER ACCOUNT my_account SET REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_CREATION = true; ALTER ACCOUNT my_account SET REQUIRE_STORAGE_INTEGRATION FOR STAGE_OPERATION = true; ALTER ACCOUNT my_account SET PREVENT_UNLOAD_TO_INLINE_URL = true;
Suggested answer: D

Explanation:

According to the Snowflake documentation1, stages without credentials are a way to create external stages that use storage integrations to access data files in cloud storage without providing any credentials to Snowflake. Storage integrations are objects that define a trust relationship between Snowflake and a cloud provider, allowing Snowflake to authenticate and authorize access to the cloud storage. To limit data exfiltration after a storage integration and associated stages are created, the following account-level parameters can be set:

* REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_CREATION: This parameter enforces that all external stages must be created using a storage integration. This prevents users from creating external stages with inline credentials or URLs that point to unauthorized locations.

* REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_OPERATION: This parameter enforces that all operations on external stages, such as PUT, GET, COPY, and LIST, must use a storage integration. This prevents users from performing operations on external stages with inline credentials or URLs that point to unauthorized locations.

* PREVENT_UNLOAD_TO_INLINE_URL: This parameter prevents users from unloading data from Snowflake tables to inline URLs that do not use a storage integration. This prevents users from exporting data to unauthorized locations.

Therefore, the correct answer is option D, which sets all these parameters to true. Option A is incorrect because it sets PREVENT_UNLOAD_TO_INLINE_URL to false, which allows users to unload data to inline URLs that do not use a storage integration. Option B is incorrect because it sets both REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_CREATION and REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_OPERATION to false, which allows users to create and operate on external stages without using a storage integration. Option C is incorrect because it sets all the parameters to false, which does not enforce any restrictions on data exfiltration.

Show Answer
asked 23/09/2024
Novy Kingra
43 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms