Snowflake SnowPro Advanced Administrator ADA-C02 - SnowPro Advanced Administrator ADA-C02 Exam
Page: 1 / 13
Total 62 questions
Question #1 (Topic: Topic 1, Snowflake Security, RBAC, and User Administration
)
DatabaseA has a single schema called Schema1. This schema contains many tables and views. The ANALYST role has privileges to select from all objects in DatabaseA.Schema1. The SYSADMIN role clones DatabaseA to DatabaseA_clone.
What privileges does the ANALYST role have on tables and views in DatabaseA_clone? (Choose two.)
What privileges does the ANALYST role have on tables and views in DatabaseA_clone? (Choose two.)
A. USAGE on the schema DatabaseA_clone
B. USAGE on the database DatabaseA_clone.Schema1
C. SELECT on all tables, and only non-secure views in DatabaseA_clone.Schema1
D. SELECT on all tables, and only secure views in DatabaseA_clone.Schema1
E. SELECT on all tables and views in DatabaseA_clone.Schema1
Answer: AE
Question #2 (Topic: Topic 1, Snowflake Security, RBAC, and User Administration
)
Which statement allows a Snowflake Administrator to retrieve the network policy applied to their Snowflake account?
A. SHOW NETWORK POLICIES IN ACCOUNT;
B. SHOW PARAMETERS LIKE ‘NETWORK POLICY’ IN ACCOUNT;
C. SHOW NETWORK POLICIES;
D. DESC NETWORK POLICY <policy_name>;
Answer: B
Question #3 (Topic: Topic 1, Snowflake Security, RBAC, and User Administration
)
What information is required from the Identity Provider (IdP) to enable federated authentication in Snowflake? (Choose two.)
A. IdP account details
B. URL endpoint for SAML requests
C. SAML response format
D. Authentication certificate
E. IdP encryption key
Answer: BD
Question #4 (Topic: Topic 1, Snowflake Security, RBAC, and User Administration
)
A team of developers created a new schema for a new project. The developers are assigned the role DEV_TEAM which was set up using the following statements:
USE ROLE SECURITYADMIN;
CREATE ROLE DEV_TEAM;
GRANT USAGE, CREATE SCHEMA ON DATABASE DEV_DB01 TO ROLE DEV_TEAM;
GRANT USAGE ON WAREHOUSE DEV_WH TO ROLE DEV_TEAM;
Each team member's access is set up using the following statements:
USE ROLE SECURITYADMIN;
CREATE ROLE JDOE_PROFILE;
CREATE USER JDOE LOGIN_NAME = ’JDOE’ DEFAULT_ROLE=’JDOE PROFILE’;
GRANT ROLE JDOE_PROFILE TO USER JDOE;
GRANT ROLE DEV_TEAM TO ROLE JDOE_PROFILE;
New tables created by any of the developers are not accessible by the team as a whole.
How can an Administrator address this problem?
USE ROLE SECURITYADMIN;
CREATE ROLE DEV_TEAM;
GRANT USAGE, CREATE SCHEMA ON DATABASE DEV_DB01 TO ROLE DEV_TEAM;
GRANT USAGE ON WAREHOUSE DEV_WH TO ROLE DEV_TEAM;
Each team member's access is set up using the following statements:
USE ROLE SECURITYADMIN;
CREATE ROLE JDOE_PROFILE;
CREATE USER JDOE LOGIN_NAME = ’JDOE’ DEFAULT_ROLE=’JDOE PROFILE’;
GRANT ROLE JDOE_PROFILE TO USER JDOE;
GRANT ROLE DEV_TEAM TO ROLE JDOE_PROFILE;
New tables created by any of the developers are not accessible by the team as a whole.
How can an Administrator address this problem?
A. Assign ownership privilege to DEV_TEAM on the newly-created schema.
B. Assign usage privilege on the virtual warehouse DEV_WH to the role JDOE_PROFILE.
C. Set up future grants on the newly-created schemas.
D. Set up the new schema as a managed-access schema.
Answer: C
Question #5 (Topic: Topic 1, Snowflake Security, RBAC, and User Administration
)
Which function is the role SECURITYADMIN responsible for that is not granted to role USERADMIN?
A. Reset a Snowflake user's password
B. Manage system grants
C. Create new users
D. Create new roles
Answer: B
