DS0-001 · Question #107
DS0-001 Question #107: Real Exam Question with Answer & Explanation
The correct answer is A: Row-based access control. Row-based access control (also called row-level security) restricts which rows of a table a user can see, making it perfect here - managers get all rows in the employee table, while each employee's query is filtered to return only their own row. Role hierarchy (B) defines permiss
Question
A database administrator must grant a manager access to all employee data but only grant employees access to their own information. Which of the following would best enable this requirement?
Options
- ARow-based access control
- BRole hierarchy
- CColumn-level access control
- DAdministrative privileges
Explanation
Row-based access control (also called row-level security) restricts which rows of a table a user can see, making it perfect here - managers get all rows in the employee table, while each employee's query is filtered to return only their own row. Role hierarchy (B) defines permission inheritance between roles but doesn't inherently restrict data to specific rows; a manager role would still need a mechanism to limit employee visibility. Column-level access control (C) restricts which columns (fields like salary or SSN) a user can see, not which rows, so it can't solve the "employees see only themselves" requirement. Administrative privileges (D) grant broad system-level permissions - the opposite of least-privilege access and a security risk.
Memory tip: Think "rows = records = people." Row-based control limits who you can see; column-based limits what you can see about them.
Community Discussion
No community discussion yet for this question.