SOL-C01 · Question #31
SOL-C01 Question #31: Real Exam Question with Answer & Explanation
The correct answer is A: Option A. Option A correctly grants ownership to DATA OWNER, allowing them to grant privileges, provides modification access to DATA_CURATOR, permits DATA_ANALYST to create temporary tables, and gives DATA_READER select privileges. Ownership is necessary for the OWNER to grant access to ot
Question
A Snowflake administrator needs to implement RBAC for accessing a highly sensitive dataset. They decide to create several custom roles: 'DATA OWNER, `DATA CURATOR, 'DATA ANALYST, and `DATA READER. The requirement is that 'DATA OWNER should be able to grant privileges to other roles, but the 'DATA CURATOR should only be able to modify the data but not grant any permissions. 'DATA ANALYST' should have the ability to create temporary tables to assist with analysis, and the 'DATA READER should only have SELECT privileges on the data. Which of the following SQL commands would correctly fulfill these requirements?
Options
- AOption A
- BOption B
- COption C
- DOption D
- EOption E
Explanation
Option A correctly grants ownership to DATA OWNER, allowing them to grant privileges, provides modification access to DATA_CURATOR, permits DATA_ANALYST to create temporary tables, and gives DATA_READER select privileges. Ownership is necessary for the OWNER to grant access to others. The CREATE TEMPORARY TABLE privilege is the correct privilege to allow creation of temp tables, and the SELECT privilege gives the read-only access needed. Option B will give ability to data_owner to change the security permissions. So it voilates the principle of Least Privilege. Option C gives CREATE TABLE which is not temporary table, and it voilates the Least Privilege principle. Option D does not grant the data_curator the delete permission, so violates the access requirements defined in the problem statement.
Topics
Community Discussion
No community discussion yet for this question.