nerdexam
Snowflake

SOL-C01 · Question #55

A data engineer needs to create a new database named SALES DATA for storing sales transactions. They want to ensure that only users with the 'DB_ADMIN' role can manage the database. After creating the

The correct answer is B. CREATE DATABASE SALES DATA; GRANT OWNERSHIP ON DATABASE SALES DATA TO. Note: The answer choices appear truncated in your question, so this explanation focuses on the underlying Snowflake concepts that make B correct. Option B is correct because it follows the proper Snowflake sequence: creating the database with the name properly quoted (e.g., "SALE

Snowflake Account and Security

Question

A data engineer needs to create a new database named SALES DATA for storing sales transactions. They want to ensure that only users with the 'DB_ADMIN' role can manage the database. After creating the database, the engineer needs to grant the SELECT privilege on all tables within the `SALES DATA.PUBLIC' schema to a role named 'ANALYST'. Which of the following is the MOST secure and efficient sequence of SQL commands to accomplish this?

Options

  • ACREATE DATABASE SALES DATA; GRANT OWNERSHIP ON DATABASE SALES DATA TO
  • BCREATE DATABASE SALES DATA; GRANT OWNERSHIP ON DATABASE SALES DATA TO
  • CCREATE DATABASE SALES DATA; GRANT OWNERSHIP ON DATABASE SALES DATA TO
  • DCREATE DATABASE SALES DATA; USE DATABASE SALES DATA; GRANT OWNERSHIP ON
  • ECREATE DATABASE SALES DATA; GRANT OWNERSHIP ON DATABASE SALES DATA TO

How the community answered

(52 responses)
  • A
    4% (2)
  • B
    58% (30)
  • C
    10% (5)
  • D
    23% (12)
  • E
    6% (3)

Explanation

Note: The answer choices appear truncated in your question, so this explanation focuses on the underlying Snowflake concepts that make B correct.

Option B is correct because it follows the proper Snowflake sequence: creating the database with the name properly quoted (e.g., "SALES DATA") to handle the space, granting OWNERSHIP to ROLE DB_ADMIN using the ROLE keyword explicitly, and then using GRANT SELECT ON FUTURE TABLES IN SCHEMA "SALES DATA".PUBLIC TO ROLE ANALYST - which is the most efficient single command for a newly created schema.

  • Option A likely omits quoting "SALES DATA" or uses incorrect identifier syntax, causing a parse error since unquoted identifiers cannot contain spaces.
  • Option C probably grants ALL PRIVILEGES instead of just SELECT, violating the principle of least privilege and making it less secure.
  • Option D inserts an unnecessary USE DATABASE statement - fully qualified object names make this redundant and add noise without benefit.
  • Option E likely grants the privilege to a USER directly rather than a ROLE, bypassing Snowflake's role-based access control (RBAC) model, which is insecure and unscalable.

Memory tip: Think "ROOF" - Role (always grant to roles, not users), Ownership before privileges, Object names quoted when they contain spaces, Future tables for new schemas. If any step breaks ROOF, that answer is wrong.

Topics

#Database Ownership#RBAC#Schema Privileges#Privilege Management

Community Discussion

No community discussion yet for this question.

Full SOL-C01 Practice