nerdexam
Snowflake

SOL-C01 · Question #10

A data engineer is tasked with creating multiple schemas within a Snowflake database called 'SALES DB'. These schemas need to be isolated from each other to prevent accidental data access. Which of th

The correct answer is C. Create separate schemas within 'SALES_DB' and grant specific privileges on each schema to. Creating separate schemas within SALES_DB and assigning granular privileges per schema (C) is correct because Snowflake's native access control model is built around this hierarchy: database → schema → objects. Each schema acts as a logical namespace, and role-based privileges ca

Snowflake Account and Security

Question

A data engineer is tasked with creating multiple schemas within a Snowflake database called 'SALES DB'. These schemas need to be isolated from each other to prevent accidental data access. Which of the following approaches is the MOST secure and efficient way to achieve this?

Options

  • ACreate all schemas under the 'PUBLIC' schema of 'SALES_DB' and grant specific privileges on
  • BCreate a separate database for each schema, leading to multiple databases instead of schemas
  • CCreate separate schemas within 'SALES_DB' and grant specific privileges on each schema to
  • DCreate one large schema and prefix all table names with the schema name to simulate schema
  • ECreating external tables and configuring different storage integrations for each table.

How the community answered

(26 responses)
  • A
    8% (2)
  • C
    62% (16)
  • D
    12% (3)
  • E
    19% (5)

Explanation

Creating separate schemas within SALES_DB and assigning granular privileges per schema (C) is correct because Snowflake's native access control model is built around this hierarchy: database → schema → objects. Each schema acts as a logical namespace, and role-based privileges can be scoped precisely to each schema, providing true isolation without duplication.

Why the distractors fail:

  • A - Snowflake's PUBLIC schema is a single shared namespace; nesting schemas inside it isn't how Snowflake works, and it defeats isolation.
  • B - Separate databases add unnecessary administrative overhead, cost, and complexity for what is simply a schema-level concern.
  • D - Name prefixes are a naming convention, not a security boundary - any user with table access can still reach all tables in the same schema.
  • E - External tables with storage integrations solve data location problems, not access isolation between internal schemas.

Memory tip: Think of Snowflake's hierarchy as a filing cabinet: the database is the cabinet, schemas are the locked drawers, and tables are the files inside. You lock individual drawers (grant schema-level privileges), not the whole cabinet or individual files.

Topics

#Schema Management#Privilege Granting#Data Isolation#RBAC

Community Discussion

No community discussion yet for this question.

Full SOL-C01 Practice