• Home
  • Articles
  • [2024] Earn Quick And Easy Success With ADA-C01 Dumps [Q42-Q65]

[2024] Earn Quick And Easy Success With ADA-C01 Dumps [Q42-Q65]

Share

[2024] Earn Quick And Easy Success With ADA-C01 Dumps

Free ADA-C01 pdf Files With Updated and Accurate Dumps Training

NEW QUESTION # 42
Which commands can be performed by a user with the ORGADMIN role but not the ACCOUNTADMIN role? (Select TWO).

  • A. GRANT ROLE ORGADMIN TO USER <username>;
  • B. SHOW ORGANIZATION ACCOUNTS;
  • C. SHOW USERS;
  • D. SHOW REGIONS;
  • E. SELECT SYSTEM$GLOBAL_ACCOUNT_SET_PARAMETER (
    'ACCOUNT LOCATOR',
    'ENABLE ACCOUNT DATABASE_REPLICATION',
    'true'
    );

Answer: B,E

Explanation:
According to the Snowflake documentation1, the ORGADMIN role is a special system role that is responsible for managing operations at the organization level, such as creating and viewing accounts, enabling database replication, and setting global account parameters. The ACCOUNTADMIN role is a system role that is responsible for managing operations at the account level, such as creating and managing users, roles, warehouses, databases, and shares. Therefore, the commands that can be performed by the ORGADMIN role but not the ACCOUNTADMIN role are:
* SHOW ORGANIZATION ACCOUNTS: This command lists all the accounts in the organization and their properties, such as region, edition, and status2. The ACCOUNTADMIN role can only show the current account and its properties using the SHOW ACCOUNTS command3.
* SELECT SYSTEM$GLOBAL_ACCOUNT_SET_PARAMETER: This function sets a global account parameter for an account in the organization, such as enabling account database replication4. The ACCOUNTADMIN role can only set local account parameters using the ALTER ACCOUNT command.
Option A is incorrect because the SHOW REGIONS command can be executed by any role, not just the ORGADMIN role. Option B is incorrect because the SHOW USERS command can be executed by the ACCOUNTADMIN role, as well as any role that has been granted the MONITOR privilege on the account. Option D is incorrect because the GRANT ROLE ORGADMIN TO USER <username> command can be executed by the ACCOUNTADMIN role, as well as any role that has been granted the ORGADMIN role1.


NEW QUESTION # 43
An Administrator wants to delegate the administration of a company's data exchange to users who do not have access to the ACCOUNTADMIN role.
How can this requirement be met?

  • A. Grant ownership on data exchange EXCHANGE_NAME to ROLE NAME;
  • B. Grant imported privileges on data exchange EXCHANGE_NAME to ROLE_NAME;
  • C. Grant modify on data exchange EXCHANGE_NAME to ROLE_NAME;
  • D. Grant usage on data exchange EXCHANGE_NAME to ROLE_NAME;

Answer: C

Explanation:
According to the [GRANT MODIFY] documentation, the MODIFY privilege on a data exchange allows a role to perform administrative tasks on the data exchange, such as inviting members, approving profiles, and reviewing listings. This privilege can be granted by the ACCOUNTADMIN role or a role that already has the MODIFY privilege on the data exchange. Therefore, to delegate the administration of a company's data exchange to users who do not have access to the ACCOUNTADMIN role, the best option is to grant the MODIFY privilege on the data exchange to a role that the users can assume. The other options are incorrect because:
* A. There is no such privilege as IMPORTED PRIVILEGES in Snowflake. The correct privilege name is IMPORT SHARE, which allows a role to create a database from a share. This privilege is not related to the administration of a data exchange, but to the consumption of shared data.
* C. There is no such privilege as OWNERSHIP in Snowflake. The correct privilege name is OWNED BY, which indicates the role that owns an object and has full control over it. However, this privilege cannot be granted or revoked, but only transferred by the current owner to another role using the GRANT OWNERSHIP command. Therefore, this option is not feasible for delegating the administration of a data exchange.
* D. The USAGE privilege on a data exchange allows a role to access the data exchange and view the available data listings. This privilege does not allow a role to perform administrative tasks on the data exchange, such as inviting members, approving profiles, and reviewing listings. Therefore, this option is not sufficient for delegating the administration of a data exchange.


NEW QUESTION # 44
What role or roles should be used to properly create the object required to setup OAuth 2.0 integration?

  • A. ACCOUNTADMIN and SYSADMIN
  • B. ACCOUNTADMIN only
  • C. ACCOUNTADMIN and SECURITYADMIN
  • D. Any role with GRANT USAGE on SECURITY INTEGRATION

Answer: B

Explanation:
According to the Using OAuth 2.0 with Snowflake - Blog, only the ACCOUNTADMIN role can create and manage integrations, so an administrator must assume that role when creating a security integration for OAuth. The other roles do not have the necessary privileges to create the object required to setup OAuth 2.0 integration.


NEW QUESTION # 45
An Administrator receives data from a Snowflake partner. The partner is sharing a dataset that contains multiple secure views. The Administrator would like to configure the data so that only certain roles can see certain secure views.
How can this be accomplished?

  • A. Apply RBAC directly onto the partner's shared secure views.
  • B. Individually grant imported privileges onto the schema in the share.
  • C. Clone the data and insert it into a company-owned share and apply the desired RBAC on the new tables.
  • D. Create views over the incoming shared database and apply the desired RBAC onto these views.

Answer: D

Explanation:
According to the Snowflake documentation1, secure views are only exposed to authorized users who have been granted the role that owns the view. Therefore, applying RBAC directly onto the partner's shared secure views (option A) is not possible, as the administrator does not own those views. Individually granting imported privileges onto the schema in the share (option B) is also not feasible, as the privileges granted on the schema do not apply to existing secure views, only to future ones2. Cloning the data and inserting it into a company-owned share (option C) is not recommended, as it would create unnecessary duplication of data and increase storage costs. The best option is to create views over the incoming shared database and apply the desired RBAC onto these views (option D). This way, the administrator can control the access to the data based on the roles in their account, without modifying the original data or views from the partner.


NEW QUESTION # 46
DatabaseA has a single schema called Schema1. This schema contains many tables and views. The ANALYST role has privileges to select from all objects in DatabaseA. Schema1. The SYSADMIN role clones DatabaseA to DatabaseA_clone.
What privileges does the ANALYST role have on tables and views in DatabaseA_clone? (Select TWO).

  • A. SELECT on all tables, and only secure views in DatabaseA_clone. Schemal
  • B. USAGE on the database DatabaseA_clone. Schemal
  • C. SELECT on all tables and views in DatabaseA_clone. Schema1
  • D. SELECT on all tables, and only non-secure views in DatabaseA_clone. Schemal
  • E. USAGE on the schema DatabaseA clone

Answer: C,D

Explanation:
Explanation
According to the Snowflake documentation, when a database or schema is cloned, the clone inherits all granted privileges on the clones of all child objects contained in the source object, such as tables and views.
However, the clone of the container itself does not inherit the privileges granted on the source container.
Therefore, the ANALYST role will have SELECT privilege on all tables and views in DatabaseA_clone.Schema1, but not USAGE privilege on the database or schema. The type of view (secure or non-secure) does not affect the cloning of privileges.


NEW QUESTION # 47
A Snowflake Administrator has a multi-cluster virtual warehouse and is using the Snowflake Business Critical edition. The minimum number of clusters is set to 2 and the maximum number of clusters is set to 10. This configuration works well for the standard workload, rarely exceeding 5 running clusters. However, once a month the Administrator notes that there are a few complex long-running queries that are causing increased queue time and the warehouse reaches its maximum limit at 10 clusters.
Which solutions will address the issues happening once a month? (Select TWO).

  • A. Increase the multi-cluster maximum to 20 or more clusters.
  • B. Have the group running the complex monthly queries use a separate appropriately-sized warehouse to support their workload.
  • C. Increase the minimum number of clusters started in the multi-cluster configuration to 5.
  • D. Use a task to increase the cluster size for the time period that the more complex queries are running and another task to reduce the size of the cluster once the complex queries complete.
  • E. Examine the complex queries and determine if they can be made more efficient using clustering keys or materialized views.

Answer: B,D

Explanation:
According to the Snowflake documentation1, a multi-cluster warehouse is a virtual warehouse that consists of multiple clusters of compute resources that can scale up or down automatically to handle the concurrency and performance needs of the queries submitted to the warehouse. A multi-cluster warehouse has a minimum and maximum number of clusters that can be specified by the administrator. Option A is a possible solution to address the issues happening once a month, as it allows the administrator to use a task to increase the cluster size for the time period that the more complex queries are running and another task to reduce the size of the cluster once the complex queries complete. This way, the warehouse can have more resources available to handle the complex queries without reaching the maximum limit of 10 clusters, and then return to the normal cluster size to save costs. Option B is another possible solution to address the issues happening once a month, as it allows the administrator to have the group running the complex monthly queries use a separate appropriately-sized warehouse to support their workload. This way, the warehouse can isolate the complex queries from the standard workload and avoid queue time and resource contention. Option C is not a recommended solution to address the issues happening once a month, as it would increase the costs and complexity of managing the multi-cluster warehouse, and may not solve the underlying problem of inefficient queries. Option D is a good practice to improve the performance of the queries, but it is not a direct solution to address the issues happening once a month, as it requires analyzing and optimizing the complex queries using clustering keys or materialized views, which may not be feasible or effective in all cases. Option E is not a recommended solution to address the issues happening once a month, as it would increase the costs and waste resources by starting more clusters than needed for the standard workload.


NEW QUESTION # 48
What are characteristics of data replication in Snowflake? (Select THREE).

  • A. Users must be granted REPLICATIONADMIN privileges in order to enable replication.
  • B. The ALTER DATABASE ... ENABLE REPLICATION TO ACCOUNTS command must be issued from the primary account.
  • C. To start replication run the ALTER DATABASE ... REFRESH command on the account where the secondary database resides.
  • D. Databases created from shares can be replicated.
  • E. Replication can only occur within the same cloud provider.
  • F. Users can have unlimited primary databases and they can be replicated to an unlimited number of accounts if all accounts are within the same organization.

Answer: B,D,F

Explanation:
* Option A is correct because the ALTER DATABASE ... ENABLE REPLICATION TO ACCOUNTS command must be issued from the primary account that owns the database to be replicated1.
* Option B is incorrect because users must be granted REPLICATIONGRANTER privileges in order to enable replication1.
* Option C is incorrect because to start replication, the ALTER DATABASE ... REFRESH command must be run on the primary database, not the secondary database1.
* Option D is incorrect because replication can occur across different cloud providers, as well as across regions2.
* Option E is correct because databases created from shares can be replicated, as long as the share is active and the database is not dropped or altered1.
* Option F is correct because users can have unlimited primary databases and they can be replicated to an unlimited number of accounts if all accounts are within the same organization1.


NEW QUESTION # 49
A requirement has been identified to allow members of a corporate Data Product team to bring in data sets from the Snowflake Marketplace. The members of this team use the role DP_TEAM.
What grant statements must the ACCOUNTADMIN execute in order for the DP TEAM role to import and work with data from the Marketplace?

  • A. grant imported privileges on account to role dp_team;
    grant create database on account to role dp_team;
  • B. grant marketplace in account to role dp_team;
    grant create database from share to role dp_team;
  • C. grant import share on account to role dp_team;
    grant create database on account to role dp_team;
  • D. grant usage on snowflake_marketplace to role dp_team;
    grant create database on account to role dp_team;

Answer: C

Explanation:
Explanation
Option D is the correct answer because it follows the steps described in the Snowflake documentation for importing data from the Snowflake Marketplace. The ACCOUNTADMIN role needs to grant the IMPORT SHARE privilege on the account to the DP_TEAM role, which allows the role to import data from any provider in the marketplace. The ACCOUNTADMIN role also needs to grant the CREATE DATABASE privilege on the account to the DP_TEAM role, which allows the role to create a database from a share. Option A is incorrect because there is no MARKETPLACE privilege in Snowflake. Option B is incorrect because the USAGE privilege on SNOWFLAKE_MARKETPLACE is not sufficient to import data from the marketplace.
Option C is incorrect because there is no IMPORTED PRIVILEGES privilege in Snowflake.


NEW QUESTION # 50
A team of developers created a new schema for a new project. The developers are assigned the role DEV_TEAM which was set up using the following statements:
USE ROLE SECURITYADMIN;
CREATE ROLE DEV TEAM;
GRANT USAGE, CREATE SCHEMA ON DATABASE DEV_DB01 TO ROLE DEV_TEAM;
GRANT USAGE ON WAREHOUSE DEV_WH TO ROLE DEV_TEAM;
Each team member's access is set up using the following statements:
USE ROLE SECURITYADMIN;
CREATE ROLE JDOE_PROFILE;
CREATE USER JDOE LOGIN NAME = 'JDOE' DEFAULT_ROLE='JDOE_PROFILE';
GRANT ROLE JDOE_PROFILE TO USER JDOE;
GRANT ROLE DEV_TEAM TO ROLE JDOE_PROFILE;
New tables created by any of the developers are not accessible by the team as a whole.
How can an Administrator address this problem?

  • A. Assign ownership privilege to DEV_TEAM on the newly-created schema.
  • B. Set up the new schema as a managed-access schema.
  • C. Assign usage privilege on the virtual warehouse DEV_WH to the role JDOE_PROFILE.
  • D. Set up future grants on the newly-created schemas.

Answer: D

Explanation:
Explanation
According to the Snowflake documentation1, future grants are a way to automatically grant privileges on future objects of a specific type that are created in a database or schema. By setting up future grants on the newly-created schemas, the administrator can ensure that any tables created by the developers in those schemas will be accessible by the DEV_TEAM role, without having to grant privileges on each table individually. Option A is incorrect because assigning ownership privilege to DEV_TEAM on the newly-created schema does not grant privileges on the tables in the schema, only on the schema itself. Option B is incorrect because assigning usage privilege on the virtual warehouse DEV_WH to the role JDOE_PROFILE does not affect the access to the tables in the schemas, only the ability to use the warehouse.
Option D is incorrect because setting up the new schema as a managed-access schema does not grant privileges on the tables in the schema, but rather requires explicit grants for each table.


NEW QUESTION # 51
A Snowflake Administrator wants to create a virtual warehouse that supports several dashboards, issuing various queries on the same database.
For this warehouse, why should the Administrator consider setting AUTO_SUSPEND to 0 or NULL?

  • A. To save costs by running the warehouse as little as possible
  • B. To keep the query result cache warm for good performance on repeated queries
  • C. To keep the data cache warm to support good performance of similar queries
  • D. To save costs on warehouse shutdowns and startups for different queries

Answer: C

Explanation:
Explanation
According to the Snowflake documentation1, the AUTO_SUSPEND property specifies the number of seconds of inactivity after which a warehouse is automatically suspended. If the property is set to 0 or NULL, the warehouse never suspends automatically. For a warehouse that supports several dashboards, issuing various queries on the same database, setting AUTO_SUSPEND to 0 or NULL can help to keep the data cache warm, which means that the data used by the queries is already loaded into the warehouse memory and does not need to be fetched from the storage layer. This can improve the performance of similar queries that access the same data. Option A is incorrect because setting AUTO_SUSPEND to 0 or NULL does not save costs on warehouse shutdowns and startups, but rather increases the costs by keeping the warehouse running continuously. Option B is incorrect because setting AUTO_SUSPEND to 0 or NULL does not run the warehouse as little as possible, but rather runs the warehouse as much as possible. Option D is incorrect because setting AUTO_SUSPEND to 0 or NULL does not affect the query result cache, which is a separate cache that stores the results of previous queries for a period of time. The query result cache is not dependent on the warehouse state, but on the query criteria2.


NEW QUESTION # 52
A virtual warehouse report_wh is configured with AUTO_RESUME=TRUE and AUTO_SUSPEND=300. A user has been granted the role accountant.
An application with the accountant role should use this warehouse to run financial reports, and should keep track of compute credits used by the warehouse.
What minimal privileges on the warehouse should be granted to the role to meet the requirements for the application? (Select TWO).

  • A. MODIFY
  • B. MONITOR
  • C. USAGE
  • D. OWNERSHIP
  • E. OPERATE

Answer: B,C

Explanation:
Explanation
According to the Snowflake documentation1, the MONITOR privilege on a warehouse grants the ability to view the warehouse usage and performance metrics, such as the number of credits consumed, the average and maximum run time, and the number of queries executed. The USAGE privilege on a warehouse grants the ability to use the warehouse to execute queries and load data. Therefore, the minimal privileges on the warehouse that should be granted to the role to meet the requirements for the application are MONITOR and USAGE. Option A is incorrect because the OPERATE privilege on a warehouse grants the ability to start, stop, resume, and suspend the warehouse, which is not required for the application. Option B is incorrect because the MODIFY privilege on a warehouse grants the ability to alter the warehouse properties, such as the size, auto-suspend, and auto-resume settings, which is not required for the application. Option E is incorrect because the OWNERSHIP privilege on a warehouse grants the ability to drop the warehouse, grant or revoke privileges on the warehouse, and transfer the ownership to another role, which is not required for the application.


NEW QUESTION # 53
A company has implemented Snowflake replication between two Snowflake accounts, both of which are running on a Snowflake Enterprise edition. The replication is for the database APP_DB containing only one schema, APP_SCHEMA. The company's Time Travel retention policy is currently set for 30 days for both accounts. An Administrator has been asked to extend the Time Travel retention policy to 60 days on the secondary database only.
How can this requirement be met?

  • A. Set the data retention policy on the primary database to 60 days.
  • B. Set the data retention policy on the schemas in the secondary database to 60 days.
  • C. Set the data retention policy on the secondary database to 60 days.
  • D. Set the data retention policy on the primary database to 30 days and the schemas to 60 days.

Answer: C

Explanation:
Explanation
According to the Replication considerations documentation, the Time Travel retention period for a secondary database can be different from the primary database. The retention period can be set at the database, schema, or table level using the DATA_RETENTION_TIME_IN_DAYS parameter. Therefore, to extend the Time Travel retention policy to 60 days on the secondary database only, the best option is to set the data retention policy on the secondary database to 60 days using the ALTER DATABASE command. The other options are incorrect because:
*B. Setting the data retention policy on the schemas in the secondary database to 60 days will not affect the database-level retention period, which will remain at 30 days. The most specific setting overrides the more general ones, so the schema-level setting will apply to the tables in the schema, but not to the database itself.
*C. Setting the data retention policy on the primary database to 30 days and the schemas to 60 days will not affect the secondary database, which will have its own retention period. The replication process does not copy the retention period settings from the primary to the secondary database, so they can be configured independently.
*D. Setting the data retention policy on the primary database to 60 days will not affect the secondary database, which will have its own retention period. The replication process does not copy the retention period settings from the primary to the secondary database, so they can be configured independently.


NEW QUESTION # 54
An Administrator has a warehouse which is intended to have a credit quota set for 3000 for each calendar year.
The Administrator needs to create a resource monitor that
will perform the following tasks:
1. At 80% usage notify the account Administrators.
2. At 100% usage suspend the warehouse and notify the account Administrators.
3. At 120% stop all running executions, suspend the warehouse, and notify the account Administrators.
Which SQL command will meet these requirements?

  • A. create or replace resource monitor RM1 with credit_quota=3000
    frequency = yearly
    triggers on 80 percent do notify
    on 100 percent do suspend
    on 120 percent do suspend_immediate;
    alter warehouse WH1 set resource_monitor = RM1;
  • B. create or replace resource monitor RM1 with credit_quota=3000
    start_timestamp = '2022-01-01 00:00 CET'
    triggers on 80 percent do notify
    on 100 percent do suspend
    on 120 percent do suspend_immediate;
    alter warehouse WH1 set resource_monitor = RM1;
  • C. create or replace resource monitor RM1 with credit_quota=3000
    frequency = yearly
    start_timestamp = '2022-01-01 00:00 CET'
    triggers on 80 percent do notify
    on 100 percent do suspend
    on 120 percent do suspend_immediate;
    alter warehouse WH1 set resource monitor = RM1;
  • D. create or replace resource monitor RM1 with credit_quota=3000
    start_timestamp = '2022-01-01 00:00 CET'
    triggers on 80 percent do notify
    on 100 percent do notify and suspend
    on 120 percent do notify and suspend_immediate;
    alter warehouse WH1 set resource monitor = RM1;

Answer: C

Explanation:
Explanation
Option B is the correct SQL command to create a resource monitor that meets the requirements. It sets the credit quota to 3000, the frequency to yearly, the start timestamp to January 1, 2022, and the triggers to notify and suspend the warehouse at the specified thresholds. Option A is incorrect because it does not specify the frequency. Option C is incorrect because it does not specify the frequency and it uses notify and suspend instead of suspend and suspend_immediate. Option D is incorrect because it does not specify the start timestamp. For more information about resource monitors, see Working with Resource Monitors and CREATE RESOURCE MONITOR.


NEW QUESTION # 55
An organization's sales team leverages this Snowflake query a few times a day:
SELECT CUSTOMER ID, CUSTOMER_NAME, ADDRESS, PHONE NO
FROM CUSTOMERS
WHERE LAST UPDATED BETWEEN TO_DATE (CURRENT_TIMESTAMP) AND (TO_DATE
(CURRENT_TIMESTAMP) -7);
What can the Snowflake Administrator do to optimize the use of persisted query results whenever possible?

  • A. Wrap the query in a User-Defined Function (UDF) to match syntax execution.
  • B. Assign everyone on the sales team to the same virtual warehouse.
  • C. Leverage the CURRENT_DATE function for date calculations.
  • D. Assign everyone on the sales team to the same security role.

Answer: C

Explanation:
Explanation
According to the web search results from my predefined tool search_web, one of the factors that affects the reuse of persisted query results is the exact match of the query syntax1. If the query contains functions that return different values for successive runs, such as CURRENT_TIMESTAMP, then the query will not match the previous query and will not benefit from the cache. To avoid this, the query should use functions that return consistent values for the same day, such as CURRENT_DATE, which returns the current date without the time component2. Option A is incorrect because wrapping the query in a UDF does not guarantee the syntax match, as the UDF may also contain dynamic functions. Option B is incorrect because the virtual warehouse does not affect the persisted query results, which are stored at the account level1. Option C is incorrect because the security role does not affect the persisted query results, as long as the role has the necessary privileges to access the tables and views used in the query1.
1: Using Persisted Query Results | Snowflake Documentation 2: Date and Time Functions | Snowflake Documentation


NEW QUESTION # 56
A Snowflake Administrator created a role ROLE_MANAGED_ACCESS and a schema SCHEMA_MANAGED_ACCESS as follows:
USE ROLE SECURITYADMIN;
CREATE ROLE ROLE_MANAGED_ACCESS;
GRANT ROLE ROLE_MANAGED_ACCESS TO ROLE SYSADMIN;
GRANT USAGE ON WAREHOUSE COMPUTE_WH TO ROLE ROLE_MANAGED_ACCESS;
GRANT ALL privileges ON DATABASE WORK TO ROLE ROLE_MANAGED_ACCESS;
USE ROLE ROLE_MANAGED_ACCESS;
CREATE SCHEMA SCHEMA_MANAGED_ACCESS WITH MANAGED ACCESS;
USE ROLE SECURITYADMIN;
GRANT SELECT, INSERT ON FUTURE TABLES IN SCHEMA SCHEMA MANAGED ACCESS to ROLE_MANAGED_ACCESS; The Administrator now wants to disable the managed access on the schema.
How can this be accomplished?

  • A. ALTER SCHEMA SCHEMA MANAGED ACCESS DISABLE MANAGED ACCESS;
  • B. USE ROLE ROLE_MANAGED_ACCESS;
    DROP SCHEMA WORK. SCHEMA MANAGED_ACCESS;
    CREATE SCHEMA SCHEMA_MANAGED_ACCESS WITHOUT MANAGED ACCESS;
    Then recreate all needed objects.
  • C. REVOKE SELECT, INSERT ON FUTURE TABLES IN SCHEMA SCHEMA_MANAGED_ACCESS FROM ROLE_MANAGED_ACCESS; ALTER SCHEMA SCHEMA MANAGED ACCESS DISABLE MANAGED ACCESS;
  • D. USE ROLE ROLE MANAGED_ACCESS;
    DROP SCHEMA WORK. SCHEMA_MANAGED_ACCESS;
    CREATE SCHEMA SCHEMA_MANAGED_ACCESS;
    Then recreate all needed objects.

Answer: A

Explanation:
According to the Snowflake documentation1, you can change a managed access schema to a regular schema using the ALTER SCHEMA statement with the DISABLE MANAGED ACCESS keywords. This will disable the managed access feature on the schema and revert the access control to the default behavior. Option B is incorrect because dropping and recreating the schema will also delete all the objects and metadata in the schema, which is not necessary to disable the managed access. Option C is incorrect because revoking the privileges on the future tables from the role is not required to disable the managed access. Option D is incorrect because there is no WITHOUT MANAGED ACCESS option in the CREATE SCHEMA statement.


NEW QUESTION # 57
What are characteristics of Dynamic Data Masking? (Select TWO).

  • A. A masking policy that is currently set on a table can be dropped.
  • B. A single masking policy can be applied to columns with different data types.
  • C. The role that creates the masking policy will always see unmasked data in query results.
  • D. A masking policy can be applied to the VALUE column of an external table.
  • E. A single masking policy can be applied to columns in different tables.

Answer: B,E

Explanation:
According to the Using Dynamic Data Masking documentation, Dynamic Data Masking is a feature that allows you to alter sections of data in table and view columns at query time using a predefined masking strategy. The following are some of the characteristics of Dynamic Data Masking:
* A single masking policy can be applied to columns in different tables. This means that you can write a policy once and have it apply to thousands of columns across databases and schemas.
* A single masking policy can be applied to columns with different data types. This means that you can use the same masking strategy for columns that store different kinds of data, such as strings, numbers, dates, etc.
* A masking policy that is currently set on a table can be dropped. This means that you can remove the masking policy from the table and restore the original data visibility.
* A masking policy can be applied to the VALUE column of an external table. This means that you can mask data that is stored in an external stage and queried through an external table.
* The role that creates the masking policy will always see unmasked data in query results. This is not true, as the masking policy can also apply to the creator role depending on the execution context conditions defined in the policy. For example, if the policy specifies that only users with a certain custom entitlement can see the unmasked data, then the creator role will also need to have that entitlement to see the unmasked data.


NEW QUESTION # 58
A Snowflake organization MYORG consists of two Snowflake accounts:

The ACCOUNT1 has a database PROD_DB and the ORGADMIN role enabled.
Management wants to have the PROD_DB database replicated to ACCOUNT2.
Are there any necessary configuration steps in ACCOUNT1 before the database replication can be configured and initiated in ACCOUNT2?

  • A. USE ROLE ORGADMIN;
    SELECT SYSTEMSGLOBAL ACCOUNT SET_PARAMETER ( 'MYORG. ACCOUNT1', 'ENABLE_ACCOUNT_DATABASE_REPLICATION', 'TRUE'); USE ROLE ACCOUNTADMIN; ALTER DATABASE PROD_DB ENABLE REPLICATION TO ACCOUNTS MYORG. ACCOUNT2 IGNORE EDITION CHECK;
  • B. It is not possible to replicate a database from an Enterprise edition Snowflake account to a Standard edition Snowflake account.
  • C. No configuration steps are necessary in ACCOUNT1. Replicating databases across accounts within the same Snowflake organization is enabled by default.
  • D. USE ROLE ORGADMIN;
    SELECT SYSTEMSGLOBAL_ACCOUNT_SET_PARAMETER ('MYORG. ACCOUNT1', 'ENABLE_ACCOUNT_DATABASE_REPLICATION', 'TRUE'); SELECT SYSTEMSGLOBAL_ACCOUNT_SET_PARAMETER ('MYORG. ACCOUNT2', 'ENABLE_ACCOUNT_DATABASE_REPLICATION', 'TRUE'); USE ROLE ACCOUNTADMIN; ALTER DATABASE PROD DB ENABLE REPLICATION TO ACCOUNTS MYORG. ACCOUNT2;

Answer: A

Explanation:
According to the Snowflake documentation1, database replication across accounts within the same organization requires the following steps:
* Link the accounts in the organization using the ORGADMIN role.
* Enable account database replication for both the source and target accounts using the SYSTEM$GLOBAL_ACCOUNT_SET_PARAMETER function.
* Promote a local database to serve as the primary database and enable replication to the target accounts using the ALTER DATABASE ... ENABLE REPLICATION TO ACCOUNTS command.
* Create a secondary database in the target account using the CREATE DATABASE ... FROM SHARE command.
* Refresh the secondary database periodically using the ALTER DATABASE ... REFRESH command.
Option A is incorrect because it does not include the step of creating a secondary database in the target account. Option C is incorrect because replicating databases across accounts within the same organization is not enabled by default, but requires enabling account database replication for both the source and target accounts. Option D is incorrect because it is possible to replicate a database from an Enterprise edition Snowflake account to a Standard edition Snowflake account, as long as the IGNORE EDITION CHECK option is used in the ALTER DATABASE ... ENABLE REPLICATION TO ACCOUNTS command2. Option B is correct because it includes all the necessary configuration steps in ACCOUNT1, except for creating a secondary database in ACCOUNT2, which can be done after the replication is enabled.


NEW QUESTION # 59
Which masking policy will mask a column whenever it is queried through a view owned by a role named MASKED_VIEW_ROLE?

  • A. create or replace masking policy maskString as (val string) returns string -> case when current_role() in ('MASKED_VIEW_ROLE') then ' ********* ' else val end;
  • B. create or replace masking policy maskstring as (val string) returns string -> case when is_role_in_session ('MASKED_VIEW_ROLE') then ' ** else val end;
    *,
  • C. create or replace masking policy maskstring as (val string) returns string -> case when invoker_role() in ('MASKED_VIEW_ROLE') then else val end;
    ' **
  • D. create or replace masking policy maskString as (val string) returns string -> case when array_contains ('MASKED_VIEW_ROLE' :: variant, parse_json (current_available_roles ())) then
    '*
    else val
    end;
    ** '

Answer: B

Explanation:
Explanation
A masking policy is a SQL expression that transforms the data in a column based on the role that queries the column1. The is_role_in_session function returns true if the specified role is in the current session2. Therefore, the masking policy in option A will mask the column data with asterisks whenever it is queried through a view owned by the MASKED_VIEW_ROLE3. The other options use different functions that do not check the ownership of the view, but rather the current role, the invoker role, or the available roles in the session45.
These functions may not return the desired result if the role that owns the view is different from the role that queries the view.


NEW QUESTION # 60
When adding secure views to a share in Snowflake, which function is needed to authorize users from another account to access rows in a base table?

  • A. CURRENT_USER
  • B. CURRENT_CLIENT
  • C. CURRENT_ROLE
  • D. CURRENT ACCOUNT

Answer: A

Explanation:
According to the Working with Secure Views documentation, secure views are designed to limit access to sensitive data that should not be exposed to all users of the underlying table(s). When sharing secure views with another account, the view definition must include a function that returns the identity of the user who is querying the view, such as CURRENT_USER, CURRENT_ROLE, or CURRENT_ACCOUNT. These functions can be used to filter the rows in the base table based on the user's identity. For example, a secure view can use the CURRENT_USER function to compare the user name with a column in the base table that contains the authorized user names. Only the rows that match the user name will be returned by the view. The CURRENT_CLIENT function is not suitable for this purpose, because it returns the IP address of the client that is connected to Snowflake, which is not related to the user's identity.


NEW QUESTION # 61
A Snowflake Administrator needs to set up Time Travel for a presentation area that includes facts and dimensions tables, and receives a lot of meaningless and erroneous loT data. Time Travel is being used as a component of the company's data quality process in which the ingestion pipeline should revert to a known quality data state if any anomalies are detected in the latest load. Data from the past 30 days may have to be retrieved because of latencies in the data acquisition process.
According to best practices, how should these requirements be met? (Select TWO).

  • A. The fact and dimension tables should be cloned together using the same Time Travel options to reduce potential referential integrity issues with the restored data.
  • B. The DATA_RETENTION_TIME_IN_DAYS should be kept at the account level and never used for lower level containers (databases and schemas).
  • C. The fact and dimension tables should have the same DATA_RETENTION_TIME_IN_ DAYS.
  • D. Only TRANSIENT tables should be used to ensure referential integrity between the fact and dimension tables.
  • E. Related data should not be placed together in the same schema. Facts and dimension tables should each have their own schemas.

Answer: A,C

Explanation:
Explanation
According to the Understanding & Using Time Travel documentation, Time Travel is a feature that allows you to query, clone, and restore historical data in tables, schemas, and databases for up to 90 days. To meet the requirements of the scenario, the following best practices should be followed:
*The fact and dimension tables should have the same DATA_RETENTION_TIME_IN_DAYS. This parameter specifies the number of days for which the historical data is preserved and can be accessed by Time Travel. To ensure that the fact and dimension tables can be reverted to a consistent state in case of any anomalies in the latest load, they should have the same retention period. Otherwise, some tables may lose their historical data before others, resulting in data inconsistency and quality issues.
*The fact and dimension tables should be cloned together using the same Time Travel options to reduce potential referential integrity issues with the restored data. Cloning is a way of creating a copy of an object (table, schema, or database) at a specific point in time using Time Travel. To ensure that the fact and dimension tables are cloned with the same data set, they should be cloned together using the same AT or BEFORE clause. This will avoid any referential integrity issues that may arise from cloning tables at different points in time.
The other options are incorrect because:
*Related data should not be placed together in the same schema. Facts and dimension tables should each have their own schemas. This is not a best practice for Time Travel, as it does not affect the ability to query, clone, or restore historical data. However, it may be a good practice for data modeling and organization, depending on the use case and design principles.
*The DATA_RETENTION_TIME_IN_DAYS should be kept at the account level and never used for lower level containers (databases and schemas). This is not a best practice for Time Travel,as it limits the flexibility and granularity of setting the retention period for different objects. The retention period can be set at the account, database, schema, or table level, and the most specific setting overrides the more general ones. This allows for customizing the retention period based on the data needs and characteristics of each object.
*Only TRANSIENT tables should be used to ensure referential integrity between the fact and dimension tables. This is not a best practice for Time Travel, as it does not affect the referential integrity between the tables. Transient tables are tables that do not have a Fail-safe period, which means that they cannot be recovered by Snowflake after the retention period ends. However, they still support Time Travel within the retention period, and can be queried, cloned, and restored like permanent tables. The choice of table type depends on the data durability and availability requirements, not on the referential integrity.


NEW QUESTION # 62
Which statement allows this user to access this Snowflake account from a specific IP address (192.168.1.100) while blocking their access from anywhere else?

  • A. CREATE NETWORK POLICY ADMIN_POLICY
    ALLOWED IP LIST = ('192.168.1.100')
    BLOCKED_IP_LIST = ('0.0.0.0/0');
    ALTER USER ABC SET NETWORK_POLICY = 'ADMIN_POLICY';
  • B. CREATE NETWORK POLICY ADMIN POLICY
    ALLOWED_IP_LIST = ('192.168.1.100');
    ALTER ROLE ACCOUNTADMIN SET NETWORK_POLICY = 'ADMIN_POLICY';
  • C. CREATE NETWORK POLICY ADMIN_POLICY
    ALLOWED_IP_LIST = ('192.168.1.100');
    ALTER USER ABC SET NETWORK_POLICY = 'ADMIN_POLICY';
    User ABC is the only user with an ACCOUNTADMIN role.
  • D. CREATE OR REPLACE NETWORK POLICY ADMIN_POLICY
    ALLOWED_IP_LIST = ('192.168. 1. 100/0') ;
    ALTER USER ABC SET NETWORK_POLICY = 'ADMIN_POLICY';

Answer: A

Explanation:
Option C creates a network policy that allows only the IP address 192.168.1.100 and blocks all other IP addresses using the CIDR notation 0.0.0.0/01. It then applies the network policy to the user ABC, who has the ACCOUNTADMIN role. This ensures that only this user can access the Snowflake account from the specified IP address, while blocking their access from anywhere else. Option A does not block any other IP addresses, option B applies the network policy to the role instead of the user, and option D uses an invalid CIDR notation.


NEW QUESTION # 63
A company enabled replication between accounts and is ready to replicate data across regions in the same cloud service provider.
The primary database object is : PROD_AWS_EAST. Location : AWS_EAST
The secondary database object is : PROD_AWS_WEST. Location : AWS_WEST
What command and account location is needed to refresh the data?

  • A. Location : AWS_WEST
    Command : REFRESH DATABASE PROD_AWS WEST REFRESH;
  • B. Location : AWS EAST
    Command: ALTER DATABASE PROD_AWS_WEST REFRESH;
  • C. Location : AWS_WEST
    Command : ALTER DATABASE PROD AWS WEST REFRESH;
  • D. Location : AWS_EAST
    Command : REFRESH DATABASE PROD_AWS_WEST REFRESH;

Answer: A

Explanation:
Explanation
The REFRESH DATABASE command is used to refresh a secondary database with the latest data and metadata from the primary database1. The command must be executed in the target account where the secondary database resides2. Therefore, the answer is A, as the location is AWS_WEST and the command is REFRESH DATABASE PROD_AWS_WEST REFRESH. The other options are incorrect because they either use the wrong location, the wrong command, or the wrong database name.


NEW QUESTION # 64
A Snowflake Administrator needs to persist all virtual warehouse configurations for auditing and backups. Given a table already exists with the following schema:
Table Name : VWH_META
Column 1 : SNAPSHOT_TIME TIMESTAMP_NTZ
Column 2 : CONFIG VARIANT
Which commands should be executed to persist the warehouse data at the time of execution in JSON format in the table VWH META?

  • A. 1. SHOW WAREHOUSES;
    2. INSERT INTO VWH META
    SELECT CURRENT TIMESTAMP (), *
    FROM TABLE (RESULT_SCAN (LAST_QUERY_ID ())) ;
  • B. 1. SHOW WAREHOUSES;
    2. INSERT INTO VWH_META
    SELECT CURRENT_TIMESTAMP (),
    OBJECT CONSTRUCT (*)
    FROM TABLE (RESULT_SCAN (LAST_QUERY_ID ()));
  • C. 1. SHOW WAREHOUSES;
    2. INSERT INTO VWH META
    SELECT CURRENT TIMESTAMP (),
    FROM TABLE (RESULT_SCAN (LAST_QUERY_ID(1) ) ) ;
  • D. 1. SHOW WAREHOUSES;
    2. INSERT INTO VWH META
    SELECT CURRENT TIMESTAMP (), *
    FROM TABLE (RESULT_SCAN (SELECT
    LAST QUERY ID(-1)));

Answer: B

Explanation:
According to the Using Persisted Query Results documentation, the RESULT_SCAN function allows you to query the result set of a previous command as if it were a table. The LAST_QUERY_ID function returns the query ID of the most recent statement executed in the current session. Therefore, the combination of these two functions can be used to access the output of the SHOW WAREHOUSES command, which returns the configurations of all the virtual warehouses in the account. However, to persist the warehouse data in JSON format in the table VWH_META, the OBJECT_CONSTRUCT function is needed to convert the output of the SHOW WAREHOUSES command into a VARIANT column. The OBJECT_CONSTRUCT function takes a list of key-value pairs and returns a single JSON object. Therefore, the correct commands to execute are:
1. SHOW WAREHOUSES;
2. INSERT INTO VWH_META SELECT CURRENT_TIMESTAMP (), OBJECT_CONSTRUCT (*) FROM TABLE (RESULT_SCAN (LAST_QUERY_ID ())); The other options are incorrect because:
* A) This option does not use the OBJECT_CONSTRUCT function, so it will not persist the warehouse data in JSON format. Also, it is missing the * symbol in the SELECT clause, so it will not select any columns from the result set of the SHOW WAREHOUSES command.
* B) This option does not use the OBJECT_CONSTRUCT function, so it will not persist the warehouse data in JSON format. It will also try to insert multiple columns into a single VARIANT column, which will cause a type mismatch error.
* D) This option does not use the OBJECT_CONSTRUCT function, so it will not persist the warehouse data in JSON format. It will also try to use the RESULT_SCAN function on a subquery, which is not supported. The RESULT_SCAN function can only be used on a query ID or a table name.


NEW QUESTION # 65
......

Real Updated ADA-C01 Questions Pass Your Exam Easily: https://www.prepawayexam.com/Snowflake/braindumps.ADA-C01.ete.file.html

Top-Class ADA-C01 Question Answers Study Guide: https://drive.google.com/open?id=1QELeoDRjpGVx61AGNccAsnmKZ-Zp29F_

Related Articles

more
Snowflake ADA-C01 Certification Practice Exam