Prepare Top Snowflake ADA-C01 Exam Study Guide Practice Questions Edition [Q31-Q54]

Prepare Top Snowflake ADA-C01 Exam Study Guide Practice Questions Edition

Go to ADA-C01 Questions - Try ADA-C01 dumps pdf

Snowflake ADA-C01 Exam Syllabus Topics:

Topic	Details
Topic 1	Given a scenario, create and manage access control Given a scenario, implement resource monitors
Topic 2	Given a scenario, manage databases, tables, and views Manage organizations and access control
Topic 3	Given a scenario, configure access controls Set up and manage security administration and authorization
Topic 4	Interpret and make recommendations for data clustering Manage DML locking and concurrency in Snowflake
Topic 5	Implement and manage data governance in Snowflake Data Sharing, Data Exchange, and Snowflake Marketplace
Topic 6	Set up and manage network and private connectivity Given a scenario, manage Snowflake Time Travel and Fail-safe

 

NEW QUESTION # 31
How should an Administrator configure a Snowflake account to use AWS PrivateLink?

• A. Use SnowCD to evaluate the network connection.
• B. Block public access to Snowflake.
• C. Contact Snowflake Support.
• D. Create CNAME records in the DNS.

Answer: D

Explanation:
To configure a Snowflake account to use AWS PrivateLink, the Administrator needs to create CNAME records in the DNS that point to the private endpoints provided by Snowflake. This allows the clients to connect to Snowflake using the same URL as before, but with private connectivity. According to the Snowflake documentation, "After you have created the VPC endpoints, Snowflake provides you with a list of private endpoints for your account. You must create CNAME records in your DNS that point to these private endpoints. The CNAME records must use the same hostnames as the original Snowflake URLs for your account." The other options are either incorrect or not sufficient to configure AWS PrivateLink. Option B is not necessary, as the Administrator can enable AWS PrivateLink using the SYSTEM$AUTHORIZE_PRIVATELINK function1. Option C is not recommended, as it may prevent some data traffic from reaching Snowflake, such as large result sets stored on AWS S32. Option D is not related to AWS PrivateLink, but to Snowflake Connectivity Diagnostic (SnowCD), which is a tool for diagnosing network issues between clients and Snowflake3.

NEW QUESTION # 32
DatabaseA has a single schema called Schema1. This schema contains many tables and views. The ANALYST role has privileges to select from all objects in Database A. Schema1.
The SYSADMIN role clones DatabaseA to DatabaseA_clone.
What privileges does the ANALYST role have on tables and views in DatabaseA_clone? (Select TWO).

• A. SELECT on all tables, and only secure views in DatabaseA_clone. Schemal
• B. SELECT on all tables, and only non-secure views in DatabaseA_clone. Schemal
• C. USAGE on the database DatabaseA_clone. Schemal
• D. SELECT on all tables and views in DatabaseA_clone. Schema1
• E. USAGE on the schema DatabaseA clone

Answer: B,D

Explanation:
According to the Snowflake documentation, when a database or schema is cloned, the clone inherits all granted privileges on the clones of all child objects contained in the source object, such as tables and views. However, the clone of the container itself does not inherit the privileges granted on the source container. Therefore, the ANALYST role will have SELECT privilege on all tables and views in DatabaseA_clone.Schema1, but not USAGE privilege on the database or schema. The type of view (secure or non-secure) does not affect the cloning of privileges.

NEW QUESTION # 33
An Administrator has a user who needs to be able to suspend and resume a task based on the current virtual warehouse load, but this user should not be able to modify the task or start a new run.
What privileges should be granted to the user to meet these requirements? (Select TWO).

• A. OWNERSHIP on the task
• B. EXECUTE TASK on the task
• C. OWNERSHIP on the database and schema containing the task
• D. USAGE on the database and schema containing the task
• E. OPERATE on the task

Answer: D,E

Explanation:
Explanation
The user needs the OPERATE privilege on the task to suspend and resume it, and the USAGE privilege on the database and schema containing the task to access it1. The EXECUTE TASK privilege is not required for suspending and resuming a task, only for triggering a new run1. The OWNERSHIP privilege on the task or the database and schema would allow the user to modify or drop the task, which is not desired.

NEW QUESTION # 34
When a role is dropped, which role inherits ownership of objects owned by the dropped role?

• A. The role executing the command
• B. The SYSADMIN role
• C. The SECURITYADMIN role
• D. The role above the dropped role in the RBAC hierarchy

Answer: D

Explanation:
According to the Snowflake documentation1, when a role is dropped, ownership of all objects owned by the dropped role is transferred to the role that is directly above the dropped role in the role hierarchy. This is to ensure that there is always a single owner for each object in the system.
1: Drop Role | Snowflake Documentation

NEW QUESTION # 35
A team is provisioning new lower environments from the production database using cloning. All production objects and references reside in the database, and do not have external references.
What set of object references needs to be re-pointed before granting access for usage?

• A. Sequences, storage integrations, views, secure views, and materialized views
• B. Sequences, views, and secure views
• C. There are no object references that need to be re-pointed
• D. Sequences, views, secure views, and materialized views

Answer: A

Explanation:
Explanation
According to the Snowflake documentation1, when an object in a schema is cloned, any future grants defined for this object type in the schema are applied to the cloned object unless the COPY GRANTS option is specified in the CREATE statement for the clone operation. However, some objects may still reference the source object or external objects after cloning, which may cause issues with access or functionality. These objects include:
*Sequences: If a table column references a sequence that generates default values, the cloned table may reference the source or cloned sequence, depending on where the sequence is defined. To avoid conflicts, the sequence reference should be re-pointed to the desired sequence using the ALTER TABLE command2.
*Storage integrations: If a stage or a table references a storage integration, the cloned object may still reference the source storage integration, which may not be accessible or valid in the new environment. To avoid errors, the storage integration reference should be re-pointed to the desired storage integration using the ALTER STAGE or ALTER TABLE command34.
*Views, secure views, and materialized views: If a view references another view or table, the cloned view may still reference the source object, which may not be accessible or valid in the new environment. To avoid errors, the view reference should be re-pointed to the desired object using the CREATE OR REPLACE VIEW command5.
1: Cloning Considerations | Snowflake Documentation 2: [ALTER TABLE | Snowflake Documentation] 3:
[ALTER STAGE | Snowflake Documentation] 4: [ALTER TABLE | Snowflake Documentation] 5: [CREATE VIEW | Snowflake Documentation]

NEW QUESTION # 36
An Administrator receives data from a Snowflake partner. The partner is sharing a dataset that contains multiple secure views. The Administrator would like to configure the data so that only certain roles can see certain secure views.
How can this be accomplished?

• A. Clone the data and insert it into a company-owned share and apply the desired RBAC on the new tables.
• B. Individually grant imported privileges onto the schema in the share.
• C. Apply RBAC directly onto the partner's shared secure views.
• D. Create views over the incoming shared database and apply the desired RBAC onto these views.

Answer: D

Explanation:
Explanation
According to the Snowflake documentation1, secure views are only exposed to authorized users who have been granted the role that owns the view. Therefore, applying RBAC directly onto the partner's shared secure views (option A) is not possible, as the administrator does not own those views. Individually granting imported privileges onto the schema in the share (option B) is also not feasible, as the privileges granted on the schema do not apply to existing secure views, only tofuture ones2. Cloning the data and inserting it into a company-owned share (option C) is not recommended, as it would create unnecessary duplication of data and increase storage costs. The best option is to create views over the incoming shared database and apply the desired RBAC onto these views (option D). This way, the administrator can control the access to the data based on the roles in their account, without modifying the original data or views from the partner.

NEW QUESTION # 37
A large international company with many operating regions requires data to be shared bi-directionally among all offices (head office to regional offices and regional offices among themselves). This company is a Snowflake account holder with European operations deployed in Microsoft Azure (single region) while North American regional offices are using AWS (single region) as their deployment cloud. This setup is required to comply with Personal Identifiable Information (PII) regulations in some of the European countries. The corporate head office is in Europe.
How can this data be shared bi-directionally, while MINIMIZING costs?

• A. Use the PUT command to move files to an Amazon S3 bucket and Azure Blobs, and use an external file management application to move files within the corporate VPC.
• B. Use bi-directional data sharing among offices in the same region and replication among offices across the continents.
• C. Use data replication everywhere to reduce costs associated with same-region sharing.
• D. Move all the Snowflake accounts to a single region, and implement data sharing.

Answer: B

Explanation:
According to the Snowflake documentation1, data sharing is a feature that allows sharing selected objects in a database in one account with other accounts in the same organization, without copying or transferring any data. Data sharing is supported across regions and across cloud platforms, but it requires enabling account database replication for both the source and target accounts2. Data replication is a feature that allows replicating objects from a source account to one or more target accounts in the same organization, providing read-only access for the replicated objects. Data replication is also supported across regions and across cloud platforms, but it incurs additional storage costs for the replicated data2. Therefore, the best way to share data bi-directionally among all offices, while minimizing costs, is to use data sharing among offices in the same region, which does not require replication or additional storage, and use replication among offices across the continents, which provides near real-time access to the shared data. Option A is incorrect because using data replication everywhere would increase the costs associated with additional storage and compute resources for the replicated data. Option B is incorrect because using the PUT command to move files to an Amazon S3 bucket and Azure Blobs, and using an external file management application to move files within the corporate VPC, would not leverage the benefits of Snowflake's data sharing and replication features, and would also incur additional costs and complexity for data transfer and synchronization. Option C is incorrect because moving all the Snowflake accounts to a single region would violate the PII regulations in some of the European countries, and would also incur additional costs and complexity for data migration and consolidation.

NEW QUESTION # 38
A company has many users in the role ANALYST who routinely query Snowflake through a reporting tool.
The Administrator has noticed that the ANALYST users keep two
small clusters busy all of the time, and occasionally they need three or four clusters of that size.
Based on this scenario, how should the Administrator set up a virtual warehouse to MOST efficiently support this group of users?

• A. Create a multi-cluster warehouse with MIN_CLUSTERS set to 1. Give MANAGE privileges to the ANALYST role so this group can start and stop the warehouse, and increase the number of clusters as needed.
• B. Create a standard X-Large warehouse, which is equivalent to four small clusters. Set the warehouse to auto-resume and auto-suspend, and give USAGE privileges to the ANALYST role.
• C. Create four virtual warehouses (sized Small through XL) and set them to auto-suspend andauto-resume.
  Have users in the ANALYST role select the appropriate warehouse based on how many queries are being run.
• D. Create a multi-cluster warehouse with MIN_CLUSTERS set to 2. Set the warehouse to auto-resume and auto-suspend, and give USAGE privileges to the ANALYST role. Allow the warehouse to auto-scale.

Answer: D

Explanation:
Explanation
According to the Snowflake documentation1, a multi-cluster warehouse is a virtual warehouse that consists of multiple clusters of compute resources that can scale up or down automatically to handle the concurrency and performance needs of the queries submitted to the warehouse. A multi-cluster warehouse has a minimum and maximum number of clusters that can be specified by the administrator. Option B is the most efficient way to support the group of users, as it allows the administrator to create a multi-cluster warehouse with MIN_CLUSTERS set to 2, which means that the warehouse will always have two clusters running to handle the standard workload. The warehouse can also auto-scale up to the maximum number of clusters (which can be set according to the peak workload) when there is a spike in demand, and then scale down when the demand decreases. The warehouse can also auto-resume and auto-suspend, which means that the warehouse will automatically start when a query is submitted and automatically stop after a period of inactivity. The administrator can also give USAGE privileges to the ANALYST role, which means that the users can use the warehouse to execute queries and load data, but not modify or operate the warehouse. Option A is not efficient, as it requires the users to manually start and stop the warehouse, and increase the number of clusters as needed, which can be time-consuming and error-prone. Option C is not efficient, as it creates a standard X-Large warehouse, which is equivalent to four small clusters, which may be more than needed for the standard workload, and may not be enough for the peak workload. Option D is not efficient, as it creates four virtual warehouses of different sizes, which can be confusing and cumbersome for the users to select the appropriate warehouse based on how many queries are being run, and may also result in wasted resources and costs.

NEW QUESTION # 39
An Administrator has a warehouse which is intended to have a credit quota set for 3000 for each calendar year. The Administrator needs to create a resource monitor that will perform the following tasks:
1. At 80% usage notify the account Administrators.
2. At 100% usage suspend the warehouse and notify the account Administrators.
3. At 120% stop all running executions, suspend the warehouse, and notify the account Administrators.
Which SQL command will meet these requirements?

• A. create or replace resource monitor RM1 with credit_quota=3000
  frequency = yearly
  start_timestamp = '2022-01-01 00:00 CET'
  triggers on 80 percent do notify
  on 100 percent do suspend
  on 120 percent do suspend_immediate;
  alter warehouse WH1 set resource monitor = RM1;
• B. create or replace resource monitor RM1 with credit_quota=3000
  start_timestamp = '2022-01-01 00:00 CET'
  triggers on 80 percent do notify
  on 100 percent do notify and suspend
  on 120 percent do notify and suspend_immediate;
  alter warehouse WH1 set resource monitor = RM1;
• C. create or replace resource monitor RM1 with credit_quota=3000
  frequency = yearly
  triggers on 80 percent do notify
  on 100 percent do suspend
  on 120 percent do suspend_immediate;
  alter warehouse WH1 set resource_monitor = RM1;
• D. create or replace resource monitor RM1 with credit_quota=3000
  start_timestamp = '2022-01-01 00:00 CET'
  triggers on 80 percent do notify
  on 100 percent do suspend
  on 120 percent do suspend_immediate;
  alter warehouse WH1 set resource_monitor = RM1;

Answer: A

Explanation:
Option B is the correct SQL command to create a resource monitor that meets the requirements. It sets the credit quota to 3000, the frequency to yearly, the start timestamp to January 1, 2022, and the triggers to notify and suspend the warehouse at the specified thresholds. Option A is incorrect because it does not specify the frequency. Option C is incorrect because it does not specify the frequency and it uses notify and suspend instead of suspend and suspend_immediate. Option D is incorrect because it does not specify the start timestamp. For more information about resource monitors, see Working with Resource Monitors and CREATE RESOURCE MONITOR.

NEW QUESTION # 40
An Administrator is evaluating a complex query using the EXPLAIN command. The Globalstats operation indicates 500 partitionsAssigned.
The Administrator then runs the query to completion and opens the Query Profile. They notice that the partitions scanned value is 429.
Why might the actual partitions scanned be lower than the estimate from the EXPLAIN output?

• A. The EXPLAIN results always include a 10-15% safety factor in order to provide conservative estimates.
• B. The GlobalStats partition assignment includes the micro-partitions that will be assigned for preservation of the query results.
• C. In-flight data compression will result in fewer micro-partitions being scanned at the virtual warehouse layer than were identified at the storage layer.
• D. Runtime optimizations such as join pruning can reduce the number of partitions and bytes scanned during query execution.

Answer: D

Explanation:
Explanation
The EXPLAIN command returns the logical execution plan for a query, which shows the upper bound estimates for the number of partitions and bytes that might be scanned by the query1. However, these estimates do not account for the runtime optimizations that Snowflake performs to improve the query performance and reduce the resource consumption2. One of these optimizations is join pruning, which eliminates unnecessary partitions from the join inputs based on the join predicates2. This can result in fewer partitions and bytes scanned than the estimates from the EXPLAIN output3. Therefore, the actual partitions scanned value in the Query Profile can be lower than the partitionsAssigned value in the EXPLAIN output4.

NEW QUESTION # 41
A Snowflake organization MYORG consists of two Snowflake accounts:

The ACCOUNT1 has a database PROD_DB and the ORGADMIN role enabled.
Management wants to have the PROD_DB database replicated to ACCOUNT2.
Are there any necessary configuration steps in ACCOUNT1 before the database replication can be configured and initiated in ACCOUNT2?

• A. No configuration steps are necessary in ACCOUNT1. Replicating databases across accounts within the same Snowflake organization is enabled by default.
• B. USE ROLE ORGADMIN;
  SELECT SYSTEMSGLOBAL ACCOUNT SET_PARAMETER ( 'MYORG. ACCOUNT1',
  'ENABLE_ACCOUNT_DATABASE_REPLICATION', 'TRUE');
  USE ROLE ACCOUNTADMIN;
  ALTER DATABASE PROD_DB ENABLE REPLICATION TO ACCOUNTS MYORG. ACCOUNT2
  IGNORE EDITION CHECK;
• C. It is not possible to replicate a database from an Enterprise edition Snowflake account to a Standard edition Snowflake account.
• D. USE ROLE ORGADMIN;
  SELECT SYSTEMSGLOBAL_ACCOUNT_SET_PARAMETER ('MYORG. ACCOUNT1',
  'ENABLE_ACCOUNT_DATABASE_REPLICATION', 'TRUE');
  SELECT SYSTEMSGLOBAL_ACCOUNT_SET_PARAMETER ('MYORG. ACCOUNT2',
  'ENABLE_ACCOUNT_DATABASE_REPLICATION', 'TRUE');
  USE ROLE ACCOUNTADMIN;
  ALTER DATABASE PROD DB ENABLE REPLICATION TO ACCOUNTS MYORG. ACCOUNT2;

Answer: B

Explanation:
Explanation
According to the Snowflake documentation1, database replication across accounts within the same organization requires the following steps:
*Link the accounts in the organization using the ORGADMIN role.
*Enable account database replication for both the source and target accounts using the SYSTEM$GLOBAL_ACCOUNT_SET_PARAMETER function.
*Promote a local database to serve as the primary database and enable replication to the target accounts using the ALTER DATABASE ... ENABLE REPLICATION TO ACCOUNTS command.
*Create a secondary database in the target account using the CREATE DATABASE ... FROM SHARE command.
*Refresh the secondary database periodically using the ALTER DATABASE ... REFRESH command.
Option A is incorrect because it does not include the step of creating a secondary database in the target account. Option C is incorrect because replicating databases across accounts within the same organization is not enabled by default, but requires enabling account database replication for both the source and target accounts. Option D is incorrect because it is possible to replicate a database from an Enterprise edition Snowflake account to a Standard edition Snowflake account, as long as the IGNORE EDITION CHECK option is used in the ALTER DATABASE ... ENABLE REPLICATION TO ACCOUNTS command2.
Option B is correct because it includes all the necessary configuration steps in ACCOUNT1, except for creating a secondary database in ACCOUNT2, which can be done after the replication is enabled.

NEW QUESTION # 42
An Administrator wants to delegate the administration of a company's data exchange to users who do not have access to the ACCOUNTADMIN role.
How can this requirement be met?

• A. Grant modify on data exchange EXCHANGE_NAME to ROLE_NAME;
• B. Grant imported privileges on data exchange EXCHANGE_NAME to ROLE_NAME;
• C. Grant usage on data exchange EXCHANGE_NAME to ROLE_NAME;
• D. Grant ownership on data exchange EXCHANGE_NAME to ROLE NAME;

Answer: A

Explanation:
Explanation
According to the [GRANT MODIFY] documentation, the MODIFY privilege on a data exchange allows a role to perform administrative tasks on the data exchange, such as inviting members, approving profiles, and reviewing listings. This privilege can be granted by the ACCOUNTADMIN role or a role that already has the MODIFY privilege on the data exchange. Therefore, to delegate the administration of a company's data exchange to users who do not have access to the ACCOUNTADMIN role, the best option is to grant the MODIFY privilege on the data exchange to a role that the users can assume. The other options are incorrect because:
*A. There is no such privilege as IMPORTED PRIVILEGES in Snowflake. The correct privilege name is IMPORT SHARE, which allows a role to create a database from a share. This privilege is not related to the administration of a data exchange, but to the consumption of shared data.
*C. There is no such privilege as OWNERSHIP in Snowflake. The correct privilege name is OWNED BY, which indicates the role that owns an object and has full control over it. However, this privilege cannot be granted or revoked, but only transferred by the current owner to another role using the GRANT OWNERSHIP command. Therefore, this option is not feasible for delegating the administration of a data exchange.
*D. The USAGE privilege on a data exchange allows a role to access the data exchange and view the available data listings. This privilege does not allow a role to perform administrative tasks on the data exchange, such as inviting members, approving profiles, and reviewing listings. Therefore, this option is not sufficient for delegating the administration of a data exchange.

NEW QUESTION # 43
An organization's sales team leverages this Snowflake query a few times a day:
SELECT CUSTOMER ID, CUSTOMER_NAME, ADDRESS, PHONE NO
FROM CUSTOMERS
WHERE LAST UPDATED BETWEEN TO_DATE (CURRENT_TIMESTAMP) AND (TO_DATE (CURRENT_TIMESTAMP) -7); What can the Snowflake Administrator do to optimize the use of persisted query results whenever possible?

• A. Wrap the query in a User-Defined Function (UDF) to match syntax execution.
• B. Assign everyone on the sales team to the same security role.
• C. Leverage the CURRENT_DATE function for date calculations.
• D. Assign everyone on the sales team to the same virtual warehouse.

Answer: C

Explanation:
According to the web search results from my predefined tool search_web, one of the factors that affects the reuse of persisted query results is the exact match of the query syntax1. If the query contains functions that return different values for successive runs, such as CURRENT_TIMESTAMP, then the query will not match the previous query and will not benefit from the cache. To avoid this, the query should use functions that return consistent values for the same day, such as CURRENT_DATE, which returns the current date without the time component2. Option A is incorrect because wrapping the query in a UDF does not guarantee the syntax match, as the UDF may also contain dynamic functions. Option B is incorrect because the virtual warehouse does not affect the persisted query results, which are stored at the account level1. Option C is incorrect because the security role does not affect the persisted query results, as long as the role has the necessary privileges to access the tables and views used in the query1.
1: Using Persisted Query Results | Snowflake Documentation 2: Date and Time Functions | Snowflake Documentation

NEW QUESTION # 44
What are characteristics of data replication in Snowflake? (Select THREE).

• A. To start replication run the ALTER DATABASE ... REFRESH command on the account where the secondary database resides.
• B. The ALTER DATABASE ... ENABLE REPLICATION TO ACCOUNTS command must be issued from the primary account.
• C. Users can have unlimited primary databases and they can be replicated to an unlimited number of accounts if all accounts are within the same organization.
• D. Databases created from shares can be replicated.
• E. Replication can only occur within the same cloud provider.
• F. Users must be granted REPLICATIONADMIN privileges in order to enable replication.

Answer: B,C,D

Explanation:
Explanation
*Option A is correct because the ALTER DATABASE ... ENABLE REPLICATION TO ACCOUNTS command must be issued from the primary account that owns the database to be replicated1.
*Option B is incorrect because users must be granted REPLICATIONGRANTER privileges in order to enable replication1.
*Option C is incorrect because to start replication, the ALTER DATABASE ... REFRESH command must be run on the primary database, not the secondary database1.
*Option D is incorrect because replication can occur across different cloud providers, as well as across regions2.
*Option E is correct because databases created from shares can be replicated, as long as the share is active and the database is not dropped or altered1.
*Option F is correct because users can have unlimited primary databases and they can be replicated to an unlimited number of accounts if all accounts are within the same organization1.

NEW QUESTION # 45
A Snowflake Administrator is investigating why a query is not re-using the persisted result cache.
The Administrator found the two relevant queries from the SNOWFLAKE. ACCOUNT_USAGE. QUERY_HISTORY view:

Why is the second query re-scanning micro-partitions instead of using the first query's persisted result cache?

• A. The queries are executed with two different virtual warehouses.
• B. The queries are executed with two different roles.
• C. The second query includes a CURRENT_DATE () function.
• D. The second query includes a CURRENT_TIMESTAMP () function.

Answer: D

Explanation:
The inclusion of the CURRENT_TIMESTAMP() function in the second query prevents it from re-using the first query's persisted result cache because this function makes each execution unique due to the constantly changing timestamp. According to the Snowflake documentation, "The query does not include non-reusable functions, which return different results for successive runs of the same query. UUID_STRING, RANDOM, and RANDSTR are good examples of non-reusable functions." The CURRENT_TIMESTAMP() function is another example of a non-reusable function, as it returns the current date and time at the start of query execution, which varies for each run. Therefore, the second query is not identical to the first query, and the result cache is not reused. The other options are either incorrect or irrelevant to the question. Option B is incorrect, as the CURRENT_DATE() function is a reusable function, as it returns the same value for all queries executed within the same day. Option C is irrelevant, as the virtual warehouse used to execute the query does not affect the result cache reuse. Option D is also irrelevant, as the role used to execute the query does not affect the result cache reuse, as long as the role has the necessary access privileges for all the tables used in the query.

NEW QUESTION # 46
A company's Snowflake account has multiple roles. Each role should have access only to data that resides in the given role's specific region.
When creating a row access policy, which code snippet below will provide privileges to the role ALL_ACCESS_ROLE to see all rows regardless of region, while the other roles can only see rows for their own regions?

• A. create or replace row access policy region policy as (region_value varchar) returns boolean -> exists ( select 1 from entitlement_table where role = current_role () and region = region_value )
• B. create or replace row access policy region policy as (region_value varchar) returns boolean ->
  'ALL ACCESS ROLE' = current_role ()
  )
• C. create or replace row access policy region policy as (region_value varchar) returns boolean ->
  'ALL_ACCESS_ROLE' = current_role ()
  or exists (
  select 1 from entitlement_table
  where role = current_role ()
  and region = region_value
  )
• D. create or replace row access policy region policy as (region_value varchar) returns boolean ->
  'ALL ACCESS_ROLE' = current_role ()
  and exists (
  select 1 from entitlement_table
  where role = current_role ()
  and region = region_value
  )

Answer: C

Explanation:
Explanation
This code snippet will create a row access policy that returns true if the current role is ALL_ACCESS_ROLE or if the current role matches the region value in the entitlement_table. This means that the ALL_ACCESS_ROLE can see all rows regardless of region, while the other roles can only see rows for their own regions. According to the Snowflake documentation, the CURRENT_ROLE context function returns the name of the current role for the session. The EXISTS function returns true if the subquery returns any rows.
The OR operator returns true if either operand is true. Therefore, this code snippet satisfies the requirements of the question.

NEW QUESTION # 47
A user with the proper role issues the following commands when setting up and activating network policies:
CREATE OR REPLACE NETWORK POLICY foo_policy
ALLOWED_IP_LIST = ( '1.1.1.0/24', '2.2.2.0/24' , '3.3. 3. 0/24' )
BLOCKED IP LIST = ( '1.1.1.1')
COMMENT = 'Account level policy';
ALTER ACCOUNT SET NETWORK_POLICY=FOO_POLICY;
CREATE OR REPLACE NETWORK POLICY bar_policy
ALLOWED_IP_LIST = ('3.3.3.0/24')
BLOCKED IP LIST = ('3.3.3.10')
COMMENT = 'user level policy';
ALTER USER userl SET NETWORK_POLICY=BAR_POLICY;
Afterwards, user1 attempts to log in to Snowflake from IP address 3.3.3.10.
Will the login be successful?

• A. Yes, because 3.3.3.10 is found in the ALLOWED_IP_LIST of foo_policy.
• B. No, because 3.3.3.10 is not found in the ALLOWED_IP_LIST of foo_policy.
• C. Yes, because 3.3.3.10 is found in the ALLOWED_IP_LIST of bar_policy.
• D. No, because 3.3.3.10 is found in the BLOCKED_IP_LIST of bar_policy.

Answer: D

Explanation:
Explanation
According to the Snowflake documentation1, network policies are a feature that allows restricting access to your account based on user IP address. A network policy can be applied to an account, a user, or a security integration, and can specify a list of allowed IP addresses and a list of blocked IP addresses. If there are network policies applied to more than one of these, the most specific network policy overrides more general network policies. In this case, the user1 has a network policy (bar_policy) applied to them, which overrides the account-level network policy (foo_policy). The bar_policy allows access only from the IP range 3.3.3.0/24, and blocks access from the IP address 3.3.3.10. Therefore, the user1 will not be able to log in to Snowflake from IP address 3.3.3.10, as it is found in the BLOCKED_IP_LIST of bar_policy. Option A is incorrect because the ALLOWED_IP_LIST of bar_policy does not override the BLOCKED_IP_LIST of bar_policy.
Option C is incorrect because the ALLOWED_IP_LIST of foo_policy does not apply to user1, as it is overridden by the user-level network policy. Option D is incorrect because the ALLOWED_IP_LIST of foo_policy does not matter, as it is overridden by the user-level network policy.

NEW QUESTION # 48
For Snowflake network policies, what will occur when the account_level and user_level network policies are both defined?

• A. The account_level policy will override the user_level policy.
• B. The user_level network policies will not be supported.
• C. A network policy error will be generated with no definitions provided.
• D. The user_level policy will override the account_level policy.

Answer: D

Explanation:
According to the Network Policies documentation, a network policy can be applied to an account, a security integration, or a user. If there are network policies applied to more than one of these, the most specific network policy overrides more general network policies. The following summarizes the order of precedence:
* Account: Network policies applied to an account are the most general network policies. They are overridden by network policies applied to a security integration or user.
* Security Integration: Network policies applied to a security integration override network policies applied to the account, but are overridden by a network policy applied to a user.
* User: Network policies applied to a user are the most specific network policies. They override both accounts and security integrations.
Therefore, if both the account_level and user_level network policies are defined, the user_level policy will take effect and the account_level policy will be ignored. The other options are incorrect because:
* The account_level policy will not override the user_level policy, as explained above.
* The user_level network policies will be supported, as they are part of the network policy feature.
* A network policy error will not be generated, as there is no conflict between the account_level and user_level network policies.

NEW QUESTION # 49
A Snowflake Administrator wants to create a virtual warehouse that supports several dashboards, issuing various queries on the same database.
For this warehouse, why should the Administrator consider setting AUTO_SUSPEND to 0 or NULL?

• A. To save costs on warehouse shutdowns and startups for different queries
• B. To save costs by running the warehouse as little as possible
• C. To keep the query result cache warm for good performance on repeated queries
• D. To keep the data cache warm to support good performance of similar queries

Answer: D

Explanation:
Explanation
According to the Snowflake documentation1, the AUTO_SUSPEND property specifies the number of seconds of inactivity after which a warehouse is automatically suspended. If the property is set to 0 or NULL, the warehouse never suspends automatically. For a warehouse that supports several dashboards, issuing various queries on the same database, setting AUTO_SUSPEND to 0 or NULL can help to keep the data cache warm, which means that the data used by the queries is already loaded into the warehouse memory and does not need to be fetched from the storage layer. This can improve the performance of similar queries that access the same data. Option A is incorrect because setting AUTO_SUSPEND to 0 or NULL does not save costs on warehouse shutdowns and startups, but rather increases the costs by keeping the warehouse running continuously. Option B is incorrect because setting AUTO_SUSPEND to 0 or NULL does not run the warehouse as little as possible, but rather runs the warehouse as much as possible. Option D is incorrect because setting AUTO_SUSPEND to 0 or NULL does not affect the query result cache, which is a separate cache that stores the results of previous queries for a period of time. The query result cache is not dependent on the warehouse state, but on the query criteria2.

NEW QUESTION # 50
An Administrator loads data into a staging table every day. Once loaded, users from several different departments perform transformations on the data and load it into different production tables.
How should the staging table be created and used to MINIMIZE storage costs and MAXIMIZE performance?

• A. Create it as a transient table with a retention time of 0 days.
• B. Create it as a permanent table with a retention time of 0 days.
• C. Create it as a temporary table with a retention time of 0 days.
• D. Create it as an external table, which will not incur Time Travel costs.

Answer: A

Explanation:
Explanation
According to the Snowflake documentation1, a transient table is a type of table that does not support Time Travel or Fail-safe, which means that it does not incur any storage costs for maintaining historical versions of the data or backups for disaster recovery. A transient table can be dropped at any time, and the data is not recoverable. A transient table can also have a retention time of 0 days, which means that the data is deleted immediately after the table is dropped or truncated. Therefore, creating the staging table as a transient table with a retention time of 0 days can minimize the storage costs and maximize the performance, as the data is only loaded and transformed once, and then deleted after the production tables are populated. Option A is incorrect because creating the staging table as an external table, which references data files stored in a cloud storage location, can incur additional costs and complexity for data transfer and synchronization, and may not provide the best performance for data loading and transformation. Option C is incorrect because creating the staging table as a temporary table, which is automatically dropped when the session ends or the user logs out, can cause data loss or inconsistency if the session is interrupted or terminated before the production tables are populated. Option D is incorrect because creating the staging table as a permanent table, which supports Time Travel and Fail-safe, can incur additional storage costs for maintaining historical versions of the data and backups for disaster recovery, and may not provide the best performance for data loading and transformation.

NEW QUESTION # 51
Which type of listing in the Snowflake Marketplace can be added and queried immediately?

• A. Personalized listing
• B. Monetized listing
• C. Regional listing
• D. Standard listing

Answer: D

Explanation:
According to the Snowflake documentation1, a standard listing is a type of listing that provides free access to the full data product, with no payment required. A standard listing can be added and queried immediately by the consumer, as long as they accept the terms and conditions of the listing. A monetized listing is a type of listing that charges for access to the data product, using the pricing models offered by Snowflake. A monetized listing requires the consumer to provide payment information and agree to the billing terms before accessing the data product. A regional listing is not a type of listing, but a way to specify the regions where the listing is available. A personalized listing is a type of listing that provides limited trial access to the data product, with unlimited access to the full data product available upon request. A personalized listing requires the consumer to request access from the provider and wait for the provider to grant access before accessing the data product. Therefore, the only type of listing that can be added and queried immediately is the standard listing.

NEW QUESTION # 52
DatabaseA has a single schema called Schema1. This schema contains many tables and views. The ANALYST role has privileges to select from all objects in DatabaseA. Schema1. The SYSADMIN role clones DatabaseA to DatabaseA_clone.
What privileges does the ANALYST role have on tables and views in DatabaseA_clone? (Select TWO).

• A. SELECT on all tables, and only secure views in DatabaseA_clone. Schemal
• B. SELECT on all tables, and only non-secure views in DatabaseA_clone. Schemal
• C. USAGE on the database DatabaseA_clone. Schemal
• D. SELECT on all tables and views in DatabaseA_clone. Schema1
• E. USAGE on the schema DatabaseA clone

Answer: B,D

Explanation:
According to the Snowflake documentation, when a database or schema is cloned, the clone inherits all granted privileges on the clones of all child objects contained in the source object, such as tables and views. However, the clone of the container itself does not inherit the privileges granted on the source container. Therefore, the ANALYST role will have SELECT privilege on all tables and views in DatabaseA_clone.Schema1, but not USAGE privilege on the database or schema. The type of view (secure or non-secure) does not affect the cloning of privileges.

NEW QUESTION # 53
Which command can temporarily disable Multi-factor Authentication (MFA) for the Snowflake username user1 for 24 hours?

• A. alter user userl set DISABLE_MFA=1440;
• B. alter user userl set HOURS_TO_BYPASS_MFA=24;
• C. alter user userl set MINS_TO_BYPASS_MFA=1440;
• D. alter user userl set TEMPORARY_MFA_BYPASS=1440;

Answer: C

Explanation:
According to the Snowflake documentation1, the MINS_TO_BYPASS_MFA property specifies the number of minutes to temporarily disable MFA for a user so that they can log in without the temporary token generated by the Duo Mobile application. After the time passes, MFA is enforced and the user cannot log in without the token. Therefore, to disable MFA for 24 hours, the value of this property should be set to 1440 minutes (24 x 60). Option B is incorrect because the DISABLE_MFA property is a boolean value that permanently disables MFA for a user, not a numeric value that specifies the duration. Option C is incorrect because there is no such property as TEMPORARY_MFA_BYPASS in Snowflake. Option D is incorrect because there is no such property as HOURS_TO_BYPASS_MFA in Snowflake.

NEW QUESTION # 54
......

Free SnowPro Advanced: Administrator ADA-C01 Exam Question: https://passguide.dumpexams.com/ADA-C01-vce-torrent.html