SOL-C01 · Question #282
SOL-C01 Question #282: Real Exam Question with Answer & Explanation
The correct answer is C: Using Azure Active Directory (Azure AD) to authenticate Snowflake.. Options C and E provide the most secure ways to access Azure Blob Storage. Using Azure AD authentication and Managed Identity eliminates the need to store credentials within Snowflake, leveraging Azure's security mechanisms for authentication and authorization. Option A is insecu
Question
You are tasked with creating an external stage pointing to an Azure Blob Storage container. You need to choose the MOST SECURE method for authentication. Which combination of the following options provides the highest level of security for accessing data in the Azure Blob Storage from Snowflake? (Select TWO)
Options
- AUsing a storage account access key directly in the stage definition.
- BUsing a Shared Access Signature (SAS) token with limited permissions and expiry.
- CUsing Azure Active Directory (Azure AD) to authenticate Snowflake.
- DGranting `READ permissions to the `PUBLIC' container in Azure Blob Storage.
- ECreating a Managed Identity for Snowflake to access Azure Blob Storage.
Explanation
Options C and E provide the most secure ways to access Azure Blob Storage. Using Azure AD authentication and Managed Identity eliminates the need to store credentials within Snowflake, leveraging Azure's security mechanisms for authentication and authorization. Option A is insecure as it involves storing a long-term secret directly in the stage definition. Option B, while better than Option A, still involves managing and rotating SAS tokens. Option D is extremely insecure, making the data publicly accessible.
Topics
Community Discussion
No community discussion yet for this question.