nerdexam
Snowflake

SOL-C01 · Question #24

You have a large table called with columns such as and `event_data' . You want to create a view named that calculates the number of distinct users active each day. This view will be used for reporting

The correct answer is D. The view must be created as a secure view to ensure the row access policy on the base table is. In Snowflake, a regular (non-secure) view allows the query optimizer to rewrite execution plans in ways that can bypass row access policies attached to base tables - creating a secure view (CREATE SECURE VIEW) forces the optimizer to honor those policies end-to-end. Option D is c

Snowflake Account and Security

Question

You have a large table called with columns such as and `event_data' . You want to create a view named that calculates the number of distinct users active each day. This view will be used for reporting purposes. The data engineer responsible for the table has informed you that table has been modified to have a row access policy based on 'user _ id'. What additional considerations are needed when querying this view?

Options

  • ANo additional considerations are needed. The row access policy on the base table is automatically
  • BYou need to create a separate row access policy and apply it directly to the view, duplicating the
  • CThe user querying must have the APPLY ROW ACCESS POLICY' privilege on the web_eventS
  • DThe view must be created as a secure view to ensure the row access policy on the base table is
  • EIf the row access policy is not correctly enforced on the view, you may need to explicitly specify the

How the community answered

(63 responses)
  • A
    8% (5)
  • B
    2% (1)
  • C
    2% (1)
  • D
    84% (53)
  • E
    5% (3)

Explanation

In Snowflake, a regular (non-secure) view allows the query optimizer to rewrite execution plans in ways that can bypass row access policies attached to base tables - creating a secure view (CREATE SECURE VIEW) forces the optimizer to honor those policies end-to-end. Option D is correct because making the view secure is the specific mechanism Snowflake provides to guarantee that base-table row access policies propagate through the view layer.

Why the distractors are wrong:

  • A is wrong because policies are not automatically enforced through standard views - this is the core trap in the question.
  • B is wrong because duplicating the policy on the view is unnecessary and error-prone; a secure view handles enforcement without re-applying policies.
  • C is wrong because APPLY ROW ACCESS POLICY is a privilege for attaching policies to objects, not for querying through them.
  • E is wrong because no manual query-level specification is needed - the secure view declaration at creation time is sufficient.

Memory tip: Think of the SECURE keyword as a "policy seal" - it seals the row access policy from the base table all the way through the view so nothing leaks or gets skipped during optimization. If you see a row access policy + view combination on the exam, the answer almost always involves SECURE VIEW.

Topics

#Row Access Policy#Secure Views#Access Control

Community Discussion

No community discussion yet for this question.

Full SOL-C01 Practice