ExamGecko
Search Search Login
Home Home / Snowflake / ARA-C01
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

What is a valid object hierarchy when building a Snowflake environment?
A Snowflake Architect is designing a multi-tenant application strategy for an organization in the Snowflake Data Cloud and is considering using an Account Per Tenant strategy. Which requirements will be addressed with this approach? (Choose two.)
A company has an inbound share set up with eight tables and five secure views. The company plans to make the share part of its production data pipelines. Which actions can the company take with the inbound share? (Choose two.)
What is a characteristic of event notifications in Snowpipe?
The following DDL command was used to create a task based on a stream: Assuming MY_WH is set to auto_suspend -- 60 and used exclusively for this task, which statement is true?
What transformations are supported in the below SQL statement? (Select THREE). CREATE PIPE ... AS COPY ... FROM (...)
A Snowflake Architect is setting up database replication to support a disaster recovery plan. The primary database has external tables. How should the database be replicated?
How can the Snowpipe REST API be used to keep a log of data load history?
At which object type level can the APPLY MASKING POLICY, APPLY ROW ACCESS POLICY and APPLY SESSION POLICY privileges be granted?
A company has a table with that has corrupted data, named Dat a. The company wants to recover the data as it was 5 minutes ago using cloning and Time Travel. What command will accomplish this?

Question 92 - ARA-C01 discussion

Report
Export

A Snowflake Architect is designing a multiple-account design strategy.

This strategy will be MOST cost-effective with which scenarios? (Select TWO).

A.
The company wants to clone a production database that resides on AWS to a development database that resides on Azure.
Answers
A.
The company wants to clone a production database that resides on AWS to a development database that resides on Azure.
B.
The company needs to share data between two databases, where one must support Payment Card Industry Data Security Standard (PCI DSS) compliance but the other one does not.
Answers
B.
The company needs to share data between two databases, where one must support Payment Card Industry Data Security Standard (PCI DSS) compliance but the other one does not.
C.
The company needs to support different role-based access control features for the development, test, and production environments.
Answers
C.
The company needs to support different role-based access control features for the development, test, and production environments.
D.
The company security policy mandates the use of different Active Directory instances for the development, test, and production environments.
Answers
D.
The company security policy mandates the use of different Active Directory instances for the development, test, and production environments.
E.
The company must use a specific network policy for certain users to allow and block given IP addresses.
Answers
E.
The company must use a specific network policy for certain users to allow and block given IP addresses.
Suggested answer: B, C

Explanation:

A multiple-account design strategy is a way of organizing Snowflake accounts into logical groups based on different criteria, such as cloud provider, region, environment, or business unit.A multiple-account design strategy can help achieve various goals, such as cost optimization, performance isolation, security compliance, and data sharing1. In this question, the scenarios that would be most cost-effective with a multiple-account design strategy are:

The company wants to clone a production database that resides on AWS to a development database that resides on Azure. This scenario would benefit from a multiple-account design strategy because it would allow the company to leverage the cross-cloud replication feature of Snowflake, which enables replicating databases across different cloud platforms and regions.This feature can help reduce the data transfer costs and latency, as well as provide high availability and disaster recovery2.

The company security policy mandates the use of different Active Directory instances for the development, test, and production environments. This scenario would benefit from a multiple-account design strategy because it would allow the company to use different federated authentication methods for each environment, and integrate them with different Active Directory instances.This can help improve the security and governance of the access to the Snowflake accounts, as well as simplify the user management and provisioning3.

The other scenarios would not be most cost-effective with a multiple-account design strategy, because:

The company needs to share data between two databases, where one must support Payment Card Industry Data Security Standard (PCI DSS) compliance but the other one does not. This scenario can be handled within a single Snowflake account, by using secure views and secure UDFs to mask or filter the sensitive data, and applying the appropriate roles and privileges to the users who access the data.This can help achieve the PCI DSS compliance without incurring the additional costs of managing multiple accounts4.

The company needs to support different role-based access control features for the development, test, and production environments. This scenario can also be handled within a single Snowflake account, by using the native role-based access control (RBAC) features of Snowflake, such as roles, grants, and privileges, to define different access levels and permissions for each environment. This can help ensure the security and integrity of the data and the objects, as well as the separation of duties and responsibilities among the users.

The company must use a specific network policy for certain users to allow and block given IP addresses. This scenario can also be handled within a single Snowflake account, by using the network policy feature of Snowflake, which enables creating and applying network policies to restrict the IP addresses that can access the Snowflake account. This can help prevent unauthorized access and protect the data from malicious attacks.

Designing Your Snowflake Topology

Cross-Cloud Replication

Configuring Federated Authentication and SSO

Using Secure Views and Secure UDFs to Comply with PCI DSS

[Understanding Access Control in Snowflake]

[Network Policies]

Show Answer
asked 23/09/2024
Martin Mannsbarth
32 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms