SOL-C01 Question #52: Real Exam Question with Answer & Explanation

Question

You are tasked with creating a secure data sharing environment in Snowflake. You need to share a table named 'CUSTOMER RECORDS' from the `SALES DB' database in your account (Account A) with another Snowflake account (Account B). You want to ensure that Account B can only query the data and cannot modify it in any way. Which of the following steps are REQUIRED to achieve this securely and effectively?

Options

• ACreate a share object in Account A and grant USAGE privilege on the database and SELECT
• BCreate a database in Account B from the share provided by Account A, and grant SELECT
• CGrant OWNERSHIP on the `CUSTOMER RECORDS table to the target account (Account B).
• DCreate an external function that reads the data from Account A and presents it to Account B.
• ECreate a masking policy on all the columns of the 'CUSTOMER RECORDS table before creating

Explanation

To share data securely, you need to create a share object and grant appropriate privileges in the source account (A). This includes USAGE on the database and SELECT on the table. The target account (B) then creates a database from the share, which is a read-only copy of the data. Finally, SELECT privilege must be granted to roles within account B to allow access. Granting OWNERSHIP to the target account (C) defeats the purpose of secure sharing and isn't required or best practice. External functions (D) are not the correct approach. Masking Policies (E) might be appropriate based on data sensitivity but aren't a fundamental requirement for simple data

No community discussion yet for this question.