nerdexam
Databricks

CERTIFIED-DATA-ENGINEER-PROFESSIONAL · Question #33

The data engineering team is migrating an enterprise system with thousands of tables and views into the Lakehouse. They plan to implement the target architecture using a series of bronze, silver, and

The correct answer is A. Isolating tables in separate databases based on data quality tiers allows for easy permissions. Organizing tables into separate databases by data quality tier (bronze, silver, gold) allows administrators to grant permissions at the database level rather than table-by-table. Bronze databases can be locked down to data engineering workloads only, since they contain raw PII. S

Data Governance and Security

Question

The data engineering team is migrating an enterprise system with thousands of tables and views into the Lakehouse. They plan to implement the target architecture using a series of bronze, silver, and gold tables. Bronze tables will almost exclusively be used by production data engineering workloads, while silver tables will be used to support both data engineering and machine learning workloads. Gold tables will largely serve business intelligence and reporting purposes. While personal identifying information (PII) exists in all tiers of data, pseudonymization and anonymization rules are in place for all data at the silver and gold levels. The organization is interested in reducing security concerns while maximizing the ability to collaborate across diverse teams. Which statement exemplifies best practices for implementing this system?

Options

  • AIsolating tables in separate databases based on data quality tiers allows for easy permissions
  • BBecause databases on Databricks are merely a logical construct, choices around database
  • CStorinq all production tables in a single database provides a unified view of all data assets
  • DWorking in the default Databricks database provides the greatest security when working with
  • EBecause all tables must live in the same storage containers used for the database they're created

How the community answered

(28 responses)
  • A
    86% (24)
  • B
    4% (1)
  • C
    7% (2)
  • D
    4% (1)

Explanation

Organizing tables into separate databases by data quality tier (bronze, silver, gold) allows administrators to grant permissions at the database level rather than table-by-table. Bronze databases can be locked down to data engineering workloads only, since they contain raw PII. Silver databases can be opened to data engineering and ML teams with appropriate anonymization in place. Gold databases can be made accessible to BI and reporting users. This tiered isolation cleanly maps access policies to data sensitivity levels. Single-database approaches (C, D) make fine-grained access control significantly harder. Database location (B) and storage containers (E) are distractors that conflate physical storage layout with logical access control.

Topics

#Data Security#Lakehouse Architecture#Data Governance#Access Control

Community Discussion

No community discussion yet for this question.

Full CERTIFIED-DATA-ENGINEER-PROFESSIONAL Practice