Instant Download ADA-C01 Dumps Q&As Provide PDF&Test Engine

Fast Exam Updates ADA-C01 dumps with PDF Test Engine Practice

NEW QUESTION # 28
.
Company A uses Snowflake to manage audio files of call recordings. Company A hired Company B, who also uses Snowflake, to transcribe the audio files for further analysis.
Company A's Administrator created a share.
What object should be added to the share to allow Company B access to the files?

• A. A secure view with a column for the stage name and a column for the file path.
• B. A secure view with a column for METADATA$FILENAME.
• C. A secure view with a column for pre-signed URLs.
• D. A secure view with a column for file URLs.

Answer: C

Explanation:
According to the Snowflake documentation1, pre-signed URLs are required to access external files in a share. A secure view can be used to generate pre-signed URLs for the audio files stored in an external stage and expose them to the consumer account. Option A is incorrect because file URLs alone are not sufficient to access external files in a share. Option C is incorrect because METADATA$FILENAME only returns the file name, not the full path or URL. Option D is incorrect because the stage name and file path are not enough to generate pre-signed URLs.

NEW QUESTION # 29
An Administrator loads data into a staging table every day. Once loaded, users from several different departments perform transformations on the data and load it into different production tables.
How should the staging table be created and used to MINIMIZE storage costs and MAXIMIZE performance?

• A. Create it as a permanent table with a retention time of 0 days.
• B. Create it as an external table, which will not incur Time Travel costs.
• C. Create it as a transient table with a retention time of 0 days.
• D. Create it as a temporary table with a retention time of 0 days.

Answer: C

Explanation:
Explanation
According to the Snowflake documentation1, a transient table is a type of table that does not support Time Travel or Fail-safe, which means that it does not incur any storage costs for maintaining historical versions of the data or backups for disaster recovery. A transient table can be dropped at any time, and the data is not recoverable. A transient table can also have a retention time of 0 days, which means that the data is deleted immediately after the table is dropped or truncated. Therefore, creating the staging table as a transient table with a retention time of 0 days can minimize the storage costs and maximize the performance, as the data is only loaded and transformed once, and then deleted after the production tables are populated. Option A is incorrect because creating the staging table as an external table, which references data files stored in a cloud storage location, can incur additional costs and complexity for data transfer and synchronization, and may not provide the best performance for data loading and transformation. Option C is incorrect because creating the staging table as a temporary table, which is automatically dropped when the session ends or the user logs out, can cause data loss or inconsistency if the session is interrupted or terminated before the production tables are populated. Option D is incorrect because creating the staging table as a permanent table, which supports Time Travel and Fail-safe, can incur additional storage costs for maintaining historical versions of the data and backups for disaster recovery, and may not provide the best performance for data loading and transformation.

NEW QUESTION # 30
Which commands can be performed by a user with the ORGADMIN role but not the ACCOUNTADMIN role? (Select TWO).

• A. SHOW REGIONS;
• B. SHOW ORGANIZATION ACCOUNTS;
• C. SELECT SYSTEM$GLOBAL_ACCOUNT_SET_PARAMETER (
  'ACCOUNT LOCATOR',
  'ENABLE ACCOUNT DATABASE_REPLICATION',
  'true'
  );
• D. SHOW USERS;
• E. GRANT ROLE ORGADMIN TO USER <username>;

Answer: B,C

Explanation:
Explanation
According to the Snowflake documentation1, the ORGADMIN role is a special system role that is responsible for managing operations at the organization level, such as creating and viewing accounts, enabling database replication, and setting global account parameters. The ACCOUNTADMIN role is a system role that is responsible for managing operations at the account level, such as creating and managing users, roles, warehouses, databases, and shares. Therefore, the commands that can be performed by the ORGADMIN role but not the ACCOUNTADMIN role are:
*SHOW ORGANIZATION ACCOUNTS: This command lists all the accounts in the organization and their properties, such as region, edition, and status2. The ACCOUNTADMIN role can only show the current account and its properties using the SHOW ACCOUNTS command3.
*SELECT SYSTEM$GLOBAL_ACCOUNT_SET_PARAMETER: This function sets a global account parameter for an account in the organization, such as enabling account database replication4. The ACCOUNTADMIN role can only set local account parameters using the ALTER ACCOUNT command.
Option A is incorrect because the SHOW REGIONS command can be executed by any role, not just the ORGADMIN role. Option B is incorrect because the SHOW USERS command can be executed by the ACCOUNTADMIN role, as well as any role that has been granted the MONITOR privilege on the account.
Option D is incorrect because the GRANT ROLE ORGADMIN TO USER <username> command can be executed by the ACCOUNTADMIN role, as well as any role that has been granted the ORGADMIN role1.

NEW QUESTION # 31
An organization's sales team leverages this Snowflake query a few times a day:
SELECT CUSTOMER ID, CUSTOMER_NAME, ADDRESS, PHONE NO
FROM CUSTOMERS
WHERE LAST UPDATED BETWEEN TO_DATE (CURRENT_TIMESTAMP) AND (TO_DATE
(CURRENT_TIMESTAMP) -7);
What can the Snowflake Administrator do to optimize the use of persisted query results whenever possible?

• A. Wrap the query in a User-Defined Function (UDF) to match syntax execution.
• B. Assign everyone on the sales team to the same virtual warehouse.
• C. Leverage the CURRENT_DATE function for date calculations.
• D. Assign everyone on the sales team to the same security role.

Answer: C

Explanation:
Explanation
According to the web search results from my predefined tool search_web, one of the factors that affects the reuse of persisted query results is the exact match of the query syntax1. If the query contains functions that return different values for successive runs, such as CURRENT_TIMESTAMP, then the query will not match the previous query and will not benefit from the cache. To avoid this, the query should use functions that return consistent values for the same day, such as CURRENT_DATE, which returns the current date without the time component2. Option A is incorrect because wrapping the query in a UDF does not guarantee the syntax match, as the UDF may also contain dynamic functions. Option B is incorrect because the virtual warehouse does not affect the persisted query results, which are stored at the account level1. Option C is incorrect because the security role does not affect the persisted query results, as long as the role has the necessary privileges to access the tables and views used in the query1.
1: Using Persisted Query Results | Snowflake Documentation 2: Date and Time Functions | Snowflake Documentation

NEW QUESTION # 32
Which type of listing in the Snowflake Marketplace can be added and queried immediately?

• A. Monetized listing
• B. Standard listing
• C. Personalized listing
• D. Regional listing

Answer: B

Explanation:
Explanation
According to the Snowflake documentation1, a standard listing is a type of listing that provides free access to the full data product, with no payment required. A standard listing can be added andqueried immediately by the consumer, as long as they accept the terms and conditions of the listing. A monetized listing is a type of listing that charges for access to the data product, using the pricing models offered by Snowflake. A monetized listing requires the consumer to provide payment information and agree to the billing terms before accessing the data product. A regional listing is not a type of listing, but a way to specify the regions where the listing is available. A personalized listing is a type of listing that provides limited trial access to the data product, with unlimited access to the full data product available upon request. A personalized listing requires the consumer to request access from the provider and wait for the provider to grant access before accessing the data product.
Therefore, the only type of listing that can be added and queried immediately is the standard listing.

NEW QUESTION # 33
A Snowflake Administrator is investigating why a query is not re-using the persisted result cache.
The Administrator found the two relevant queries from the SNOWFLAKE. ACCOUNT_USAGE.
QUERY_HISTORY view:

Why is the second query re-scanning micro-partitions instead of using the first query's persisted result cache?

• A. The queries are executed with two different roles.
• B. The second query includes a CURRENT_DATE () function.
• C. The second query includes a CURRENT_TIMESTAMP () function.
• D. The queries are executed with two different virtual warehouses.

Answer: D

Explanation:
Explanation
The inclusion of the CURRENT_TIMESTAMP() function in the second query prevents it from re-using the first query's persisted result cache because this function makes each execution unique due to the constantly changing timestamp. According to the Snowflake documentation, "The query does not include non-reusable functions, which return different results for successive runs of the same query. UUID_STRING, RANDOM, and RANDSTR are good examples of non-reusable functions." The CURRENT_TIMESTAMP() function is another example of a non-reusable function, as it returns the current date and time at the start of query execution, which varies for each run. Therefore, the second query is not identical to the first query, and the result cache is not reused. The other options are either incorrect or irrelevant to the question. Option B is incorrect, as the CURRENT_DATE() function is a reusable function, as it returns the same value for all queries executed within the same day. Option C is irrelevant, as the virtual warehouse used to execute the query does not affect the result cache reuse. Option D is also irrelevant, as the role used to execute the query does not affect the result cache reuse, as long as the role has the necessary access privileges for all the tables used in the query.

NEW QUESTION # 34
A Snowflake Administrator needs to set up Time Travel for a presentation area that includes facts and dimensions tables, and receives a lot of meaningless and erroneous loT data. Time Travel is being used as a component of the company's data quality process in which the ingestion pipeline should revert to a known quality data state if any anomalies are detected in the latest load. Data from the past 30 days may have to be retrieved because of latencies in the data acquisition process.
According to best practices, how should these requirements be met? (Select TWO).

• A. Only TRANSIENT tables should be used to ensure referential integrity between the fact and dimension tables.
• B. The DATA_RETENTION_TIME_IN_DAYS should be kept at the account level and never used for lower level containers (databases and schemas).
• C. The fact and dimension tables should have the same DATA_RETENTION_TIME_IN_ DAYS.
• D. Related data should not be placed together in the same schema. Facts and dimension tables should each have their own schemas.
• E. The fact and dimension tables should be cloned together using the same Time Travel options to reduce potential referential integrity issues with the restored data.

Answer: C,E

Explanation:
Explanation
According to the Understanding & Using Time Travel documentation, Time Travel is a feature that allows you to query, clone, and restore historical data in tables, schemas, and databases for up to 90 days. To meet the requirements of the scenario, the following best practices should be followed:
*The fact and dimension tables should have the same DATA_RETENTION_TIME_IN_DAYS. This parameter specifies the number of days for which the historical data is preserved and can be accessed by Time Travel. To ensure that the fact and dimension tables can be reverted to a consistent state in case of any anomalies in the latest load, they should have the same retention period. Otherwise, some tables may lose their historical data before others, resulting in data inconsistency and quality issues.
*The fact and dimension tables should be cloned together using the same Time Travel options to reduce potential referential integrity issues with the restored data. Cloning is a way of creating a copy of an object (table, schema, or database) at a specific point in time using Time Travel. To ensure that the fact and dimension tables are cloned with the same data set, they should be cloned together using the same AT or BEFORE clause. This will avoid any referential integrity issues that may arise from cloning tables at different points in time.
The other options are incorrect because:
*Related data should not be placed together in the same schema. Facts and dimension tables should each have their own schemas. This is not a best practice for Time Travel, as it does not affect the ability to query, clone, or restore historical data. However, it may be a good practice for data modeling and organization, depending on the use case and design principles.
*The DATA_RETENTION_TIME_IN_DAYS should be kept at the account level and never used for lower level containers (databases and schemas). This is not a best practice for Time Travel,as it limits the flexibility and granularity of setting the retention period for different objects. The retention period can be set at the account, database, schema, or table level, and the most specific setting overrides the more general ones. This allows for customizing the retention period based on the data needs and characteristics of each object.
*Only TRANSIENT tables should be used to ensure referential integrity between the fact and dimension tables. This is not a best practice for Time Travel, as it does not affect the referential integrity between the tables. Transient tables are tables that do not have a Fail-safe period, which means that they cannot be recovered by Snowflake after the retention period ends. However, they still support Time Travel within the retention period, and can be queried, cloned, and restored like permanent tables. The choice of table type depends on the data durability and availability requirements, not on the referential integrity.

NEW QUESTION # 35
Which Snowflake objects can be managed using SCIM integration? (Select TWO).

• A. Shares
• B. Stages
• C. Warehouses
• D. Roles
• E. Users

Answer: D,E

Explanation:
A SCIM security integration allows the automated management of user identities and groups (i.e. roles) by creating an interface between Snowflake and a third-party Identity Provider (IdP)1. Snowflake supports SCIM integration with Okta, Azure, and custom SCIM clients2. SCIM integration does not support managing other Snowflake objects, such as stages, warehouses, or shares3. Therefore, the answer is B. Users and D. Roles.

NEW QUESTION # 36
An Administrator receives data from a Snowflake partner. The partner is sharing a dataset that contains multiple secure views. The Administrator would like to configure the data so that only certain roles can see certain secure views.
How can this be accomplished?

• A. Apply RBAC directly onto the partner's shared secure views.
• B. Create views over the incoming shared database and apply the desired RBAC onto these views.
• C. Clone the data and insert it into a company-owned share and apply the desired RBAC on the new tables.
• D. Individually grant imported privileges onto the schema in the share.

Answer: B

Explanation:
According to the Snowflake documentation1, secure views are only exposed to authorized users who have been granted the role that owns the view. Therefore, applying RBAC directly onto the partner's shared secure views (option A) is not possible, as the administrator does not own those views. Individually granting imported privileges onto the schema in the share (option B) is also not feasible, as the privileges granted on the schema do not apply to existing secure views, only to future ones2. Cloning the data and inserting it into a company-owned share (option C) is not recommended, as it would create unnecessary duplication of data and increase storage costs. The best option is to create views over the incoming shared database and apply the desired RBAC onto these views (option D). This way, the administrator can control the access to the data based on the roles in their account, without modifying the original data or views from the partner.

NEW QUESTION # 37
A company has implemented Snowflake replication between two Snowflake accounts, both of which are running on a Snowflake Enterprise edition. The replication is for the database APP_DB containing only one schema, APP_SCHEMA.
The company's Time Travel retention policy is currently set for 30 days for both accounts. An Administrator has been asked to extend the Time Travel retention policy to 60 days on the secondary database only.
How can this requirement be met?

• A. Set the data retention policy on the primary database to 30 days and the schemas to 60 days.
• B. Set the data retention policy on the secondary database to 60 days.
• C. Set the data retention policy on the primary database to 60 days.
• D. Set the data retention policy on the schemas in the secondary database to 60 days.

Answer: B

Explanation:
According to the Replication considerations documentation, the Time Travel retention period for a secondary database can be different from the primary database. The retention period can be set at the database, schema, or table level using the DATA_RETENTION_TIME_IN_DAYS parameter. Therefore, to extend the Time Travel retention policy to 60 days on the secondary database only, the best option is to set the data retention policy on the secondary database to 60 days using the ALTER DATABASE command. The other options are incorrect because:
* B. Setting the data retention policy on the schemas in the secondary database to 60 days will not affect the database-level retention period, which will remain at 30 days. The most specific setting overrides the more general ones, so the schema-level setting will apply to the tables in the schema, but not to the database itself.
* C. Setting the data retention policy on the primary database to 30 days and the schemas to 60 days will not affect the secondary database, which will have its own retention period. The replication process does not copy the retention period settings from the primary to the secondary database, so they can be configured independently.
* D. Setting the data retention policy on the primary database to 60 days will not affect the secondary database, which will have its own retention period. The replication process does not copy the retention period settings from the primary to the secondary database, so they can be configured independently.

NEW QUESTION # 38
What session parameter can be used to test the integrity of secure views based on the account that is accessing that view?

• A. TEST_ACCOUNT_ID
• B. PRODUCER_TEST_ACCT
• C. SIMULATED_DATA_SHARING_CONSUMER
• D. MIMIC_CONSUMER_ACCOUNT

Answer: C

Explanation:
Explanation
The SIMULATED_DATA_SHARING_CONSUMER session parameter allows a data provider to test the integrity of secure views based on the account that is accessing that view2. By setting this parameter to the name of the consumer account, the data provider can query the secure view and see the results that a user in the consumer account will see2. This helps to ensure that sensitive data in a shared database is not exposed to unauthorized users1. The other options are not valid session parameters in Snowflake3

NEW QUESTION # 39
An Administrator receives data from a Snowflake partner. The partner is sharing a dataset that contains multiple secure views. The Administrator would like to configure the data so that only certain roles can see certain secure views.
How can this be accomplished?

• A. Apply RBAC directly onto the partner's shared secure views.
• B. Create views over the incoming shared database and apply the desired RBAC onto these views.
• C. Clone the data and insert it into a company-owned share and apply the desired RBAC on the new tables.
• D. Individually grant imported privileges onto the schema in the share.

Answer: B

Explanation:
According to the Snowflake documentation1, secure views are only exposed to authorized users who have been granted the role that owns the view. Therefore, applying RBAC directly onto the partner's shared secure views (option A) is not possible, as the administrator does not own those views. Individually granting imported privileges onto the schema in the share (option B) is also not feasible, as the privileges granted on the schema do not apply to existing secure views, only to future ones2. Cloning the data and inserting it into a company-owned share (option C) is not recommended, as it would create unnecessary duplication of data and increase storage costs. The best option is to create views over the incoming shared database and apply the desired RBAC onto these views (option D). This way, the administrator can control the access to the data based on the roles in their account, without modifying the original data or views from the partner.

NEW QUESTION # 40
What is a characteristic of Snowflake's transaction locking and concurrency modeling?

• A. A deadlock cannot occur in Snowflake, since concurrently executed queries and DML statements do not block one another.
• B. If two queries are concurrently executed against the same table, one of the two queries will be blocked until the other query completes.
• C. Queries executed within a given transaction see that transaction's uncommitted changes.
• D. Transaction locking in Snowflake is enforced exclusively at the row and table levels.

Answer: A

Explanation:
Explanation
According to the Snowflake documentation1, Snowflake uses a multi-version concurrency control (MVCC) model, which means that each transaction operates on a consistent snapshot of the database at a point in time.
This allows queries and DML statements to run concurrently without blocking each other, as they do not modify the same data. Therefore, a deadlock, which occurs when concurrent transactions are waiting on resources that are locked by each other, cannot happen in Snowflake. Option B is incorrect because queries and DML statements do not block each other in Snowflake, unless they are explicitly started transactions and multiple statements in each transaction2. Option C is incorrect because transaction locking in Snowflake is enforced at the partition level, not the row or table level3. Option D is incorrect because queries executed within a given transaction do not see that transaction's uncommitted changes, but only the committed changes that occurred before the transaction started1.

NEW QUESTION # 41
A user has enrolled in Multi-factor Authentication (MFA) for connecting to Snowflake. The user informs the Snowflake Administrator that they lost their mobile phone the previous evening.
Which step should the Administrator take to allow the user to log in to the system, without revoking their MFA enrollment?

• A. Alter the user and set DISABLE_MFA to true, which will suspend the MFA requirement for 24 hours.
• B. Alter the user and set MINS TO BYPASS MFA to a value that will disable MFA long enough for the user to log in.
• C. Instruct the user to connect to Snowflake using SnowSQL, which does not support MFA authentication.
• D. Instruct the user to append the normal URL with /?mode=mfa_bypass&code= to log on.

Answer: B

Explanation:
Explanation
The MINS_TO_BYPASS_MFA property allows the account administrator to temporarily disable MFA for a user who has lost their phone or changed their phone number1. The user can log in without MFA for the specified number of minutes, and then re-enroll in MFA using their new phone1. This does not revoke their MFA enrollment, unlike the DISABLE_MFA property, which cancels their enrollment and requires them to re-enroll from scratch1. The other options are not valid ways to bypass MFA, as SnowSQL does support MFA authentication2, and there is no such URL parameter as /?mode=mfa_bypass&code= for Snowflake3

NEW QUESTION # 42
What roles or security privileges will allow a consumer account to request and get data from the Data Exchange? (Select TWO).

• A. SECURITYADMIN
• B. IMPORT SHARE and CREATE DATABASE
• C. SYSADMIN
• D. ACCOUNTADMIN
• E. IMPORT PRIVILEGES and SHARED DATABASE

Answer: B,D

Explanation:
According to the Accessing a Data Exchange documentation, a consumer account can request and get data from the Data Exchange using either the ACCOUNTADMIN role or a role with the IMPORT SHARE and CREATE DATABASE privileges. The ACCOUNTADMIN role is the top-level role that has all privileges on all objects in the account, including the ability to request and get data from the Data Exchange. A role with the IMPORT SHARE and CREATE DATABASE privileges can also request and get data from the Data Exchange, as these are the minimum privileges required to create a database from a share. The other options are incorrect because:
* A. The SYSADMIN role does not have the privilege to request and get data from the Data Exchange, unless it is also granted the IMPORT SHARE and CREATE DATABASE privileges. The SYSADMIN role is a pre-defined role that has all privileges on all objects in the account, except for the privileges reserved for the ACCOUNTADMIN role, such as managing users, roles, and shares.
* B. The SECURITYADMIN role does not have the privilege to request and get data from the Data Exchange, unless it is also granted the IMPORT SHARE and CREATE DATABASE privileges. The SECURITYADMIN role is a pre-defined role that has the privilege to manage security objects in the account, such as network policies, encryption keys, and security integrations, but not data objects, such as databases, schemas, and tables.
* E. The IMPORT PRIVILEGES and SHARED DATABASE are not valid privileges in Snowflake. The correct privilege names are IMPORT SHARE and CREATE DATABASE, as explained above.

NEW QUESTION # 43
When a role is dropped, which role inherits ownership of objects owned by the dropped role?

• A. The SECURITYADMIN role
• B. The role above the dropped role in the RBAC hierarchy
• C. The role executing the command
• D. The SYSADMIN role

Answer: B

Explanation:
According to the Snowflake documentation1, when a role is dropped, ownership of all objects owned by the dropped role is transferred to the role that is directly above the dropped role in the role hierarchy. This is to ensure that there is always a single owner for each object in the system.
1: Drop Role | Snowflake Documentation

NEW QUESTION # 44
If the query matches the definition, will Snowflake always dynamically rewrite the query to use a materialized view?

• A. No, because the optimizer might decide against it.
• B. No, because the materialized view may not be up-to-date.
• C. Yes, because materialized views are always faster.
• D. No, because joins are not supported by materialized views.

Answer: A

Explanation:
Snowflake's query optimizer can automatically rewrite queries against the base table or regular views to use the materialized view instead, if the query matches the definition of the materialized view1. However, this is not always guaranteed, as the optimizer might decide against using the materialized view based on various factors, such as the freshness of the data, the size of the result set, the complexity of the query, and the availability of the materialized view2. Therefore, the answer is no, because the optimizer might decide against it.

NEW QUESTION # 45
Which type of listing in the Snowflake Marketplace can be added and queried immediately?

• A. Monetized listing
• B. Standard listing
• C. Personalized listing
• D. Regional listing

Answer: B

Explanation:
According to the Snowflake documentation1, a standard listing is a type of listing that provides free access to the full data product, with no payment required. A standard listing can be added and queried immediately by the consumer, as long as they accept the terms and conditions of the listing. A monetized listing is a type of listing that charges for access to the data product, using the pricing models offered by Snowflake. A monetized listing requires the consumer to provide payment information and agree to the billing terms before accessing the data product. A regional listing is not a type of listing, but a way to specify the regions where the listing is available. A personalized listing is a type of listing that provides limited trial access to the data product, with unlimited access to the full data product available upon request. A personalized listing requires the consumer to request access from the provider and wait for the provider to grant access before accessing the data product. Therefore, the only type of listing that can be added and queried immediately is the standard listing.

NEW QUESTION # 46
What are benefits of using Snowflake organizations? (Select TWO).

• A. Administrators have the ability to create accounts in any available cloud provider or region.
• B. Administrators can change Snowflake account editions on-demand based on need.
• C. Administrators can simplify data movement across all accounts within the organization.
• D. User administration is simplified across all accounts within the organization.
• E. Administrators can monitor and understand usage across all accounts in the organization.

Answer: A,E

Explanation:
Explanation
According to the Snowflake documentation1, organizations are a feature that allows linking the accounts owned by a business entity, simplifying account management and billing, replication and failover, data sharing, and other account administration tasks. Some of the benefits of using organizations are:
*Administrators can monitor and understand usage across all accounts in the organization using the ORGANIZATION_USAGE schema, which provides historical usage data for all accounts in the organization via views in a shared database named SNOWFLAKE2. This can help to optimize costs and performance across the organization.
*Administrators have the ability to create accounts in any available cloud provider or region using the CREATE ACCOUNT command, which allows specifying the cloud platform and region for the new account3.
This can help to meet the business needs and compliance requirements of the organization.
Option A is incorrect because administrators cannot change Snowflake account editions on-demand based on need, but rather have to contact Snowflake Support to request an edition change4. Option C is incorrect because administrators cannot simplify data movement across all accounts within the organization, but rather have to enable account database replication for both the source and target accounts, and use the ALTER DATABASE ... ENABLE REPLICATION TO ACCOUNTS command to promote a local database to serve as the primary database and enable replication to the target accounts5. Option D is incorrect because user administration is not simplified across all accounts within the organization, but rather requires creating and managing users, roles, and privileges for each account separately, unless using a federated authentication method such as SSO or SCIM.

NEW QUESTION # 47
A user with the proper role issues the following commands when setting up and activating network policies:
CREATE OR REPLACE NETWORK POLICY foo_policy
ALLOWED_IP_LIST = ( '1.1.1.0/24', '2.2.2.0/24' , '3.3. 3. 0/24' )
BLOCKED IP LIST = ( '1.1.1.1')
COMMENT = 'Account level policy';
ALTER ACCOUNT SET NETWORK_POLICY=FOO_POLICY;
CREATE OR REPLACE NETWORK POLICY bar_policy
ALLOWED_IP_LIST = ('3.3.3.0/24')
BLOCKED IP LIST = ('3.3.3.10')
COMMENT = 'user level policy';
ALTER USER userl SET NETWORK_POLICY=BAR_POLICY;
Afterwards, user1 attempts to log in to Snowflake from IP address 3.3.3.10.
Will the login be successful?

• A. No, because 3.3.3.10 is found in the BLOCKED_IP_LIST of bar_policy.
• B. Yes, because 3.3.3.10 is found in the ALLOWED_IP_LIST of bar_policy.
• C. Yes, because 3.3.3.10 is found in the ALLOWED_IP_LIST of foo_policy.
• D. No, because 3.3.3.10 is not found in the ALLOWED_IP_LIST of foo_policy.

Answer: A

Explanation:
Explanation
According to the Snowflake documentation1, network policies are a feature that allows restricting access to your account based on user IP address. A network policy can be applied to an account, a user, or a security integration, and can specify a list of allowed IP addresses and a list of blocked IP addresses. If there are network policies applied to more than one of these, the most specific network policy overrides more general network policies. In this case, the user1 has a network policy (bar_policy) applied to them, which overrides the account-level network policy (foo_policy). The bar_policy allows access only from the IP range 3.3.3.0/24, and blocks access from the IP address 3.3.3.10. Therefore, the user1 will not be able to log in to Snowflake from IP address 3.3.3.10, as it is found in the BLOCKED_IP_LIST of bar_policy. Option A is incorrect because the ALLOWED_IP_LIST of bar_policy does not override the BLOCKED_IP_LIST of bar_policy.
Option C is incorrect because the ALLOWED_IP_LIST of foo_policy does not apply to user1, as it is overridden by the user-level network policy. Option D is incorrect because the ALLOWED_IP_LIST of foo_policy does not matter, as it is overridden by the user-level network policy.

NEW QUESTION # 48
What are characteristics of Dynamic Data Masking? (Select TWO).

• A. A single masking policy can be applied to columns in different tables.
• B. The role that creates the masking policy will always see unmasked data in query results.
• C. A masking policy that is currently set on a table can be dropped.
• D. A single masking policy can be applied to columns with different data types.
• E. A masking policy can be applied to the VALUE column of an external table.

Answer: A,D

Explanation:
According to the Using Dynamic Data Masking documentation, Dynamic Data Masking is a feature that allows you to alter sections of data in table and view columns at query time using a predefined masking strategy. The following are some of the characteristics of Dynamic Data Masking:
* A single masking policy can be applied to columns in different tables. This means that you can write a policy once and have it apply to thousands of columns across databases and schemas.
* A single masking policy can be applied to columns with different data types. This means that you can use the same masking strategy for columns that store different kinds of data, such as strings, numbers, dates, etc.
* A masking policy that is currently set on a table can be dropped. This means that you can remove the masking policy from the table and restore the original data visibility.
* A masking policy can be applied to the VALUE column of an external table. This means that you can mask data that is stored in an external stage and queried through an external table.
* The role that creates the masking policy will always see unmasked data in query results. This is not true, as the masking policy can also apply to the creator role depending on the execution context conditions defined in the policy. For example, if the policy specifies that only users with a certain custom entitlement can see the unmasked data, then the creator role will also need to have that entitlement to see the unmasked data.

NEW QUESTION # 49
What role or roles should be used to properly create the object required to setup OAuth 2.0 integration?

• A. ACCOUNTADMIN and SYSADMIN
• B. Any role with GRANT USAGE on SECURITY INTEGRATION
• C. ACCOUNTADMIN only
• D. ACCOUNTADMIN and SECURITYADMIN

Answer: C

Explanation:
Explanation
According to the Using OAuth 2.0 with Snowflake - Blog, only the ACCOUNTADMIN role can create and manage integrations, so an administrator must assume that role when creating a security integration for OAuth.
The other roles do not have the necessary privileges to create the object required to setup OAuth 2.0 integration.

NEW QUESTION # 50
......

Snowflake ADA-C01 Exam Syllabus Topics:

Topic	Details
Topic 1	Given a scenario, create and manage access control Given a scenario, implement resource monitors
Topic 2	Manage and implement data sharing Given a set of business requirements, establish access control architecture
Topic 3	Interpret and make recommendations for data clustering Manage DML locking and concurrency in Snowflake
Topic 4	Set up and manage network and private connectivity Given a scenario, manage Snowflake Time Travel and Fail-safe

 

Exam Valid Dumps with Instant Download Free Updates: https://examtorrent.vce4dumps.com/ADA-C01-latest-dumps.html