
[完全版]2024年最新のFast2test ADA-C01のPDFで最近更新された問題です
ADA-C01試験には保証が付きます。更新されたのは74問があります
質問 # 42
A retailer uses a TRANSACTIONS table (100M rows, 1.2 TB) that has been clustered by the STORE_ID column (varchar(50)). The vast majority of analyses on this table are grouped by STORE_ID to look at store performance.
There are 1000 stores operated by the retailer but most sales come from only 20 stores. The Administrator notes that most queries are currently experiencing poor pruning, with large amounts of bytes processed by even simple queries.
Why is this occurring?
- A. Sales across stores are not uniformly distributed.
- B. The cardinality of the stores to transaction count ratio is too low to use the STORE_ID as a clustering key.
- C. The STORE_ID should be numeric.
- D. The table is not big enough to take advantage of the clustering key.
正解:A
解説:
According to the Snowflake documentation1, clustering keys are most effective when the data is evenly distributed across the key values. If the data is skewed, such as in this case where most sales come from only 20 stores out of 1000, then the micro-partitions will not be well-clustered and the pruning will be poor. This means that more bytes will be scanned by queries, even if they filter by STORE_ID. Option A is incorrect because the data type of the clustering key does not affect the pruning. Option B is incorrect because the table is large enough to benefit from clustering, if the data was more balanced. Option D is incorrect because the cardinality of the clustering key is not relevant for pruning, as long as the key values are distinct.
1: Considerations for Choosing Clustering for a Table | Snowflake Documentation
質問 # 43
An Administrator loads data into a staging table every day. Once loaded, users from several different departments perform transformations on the data and load it into different production tables.
How should the staging table be created and used to MINIMIZE storage costs and MAXIMIZE performance?
- A. Create it as a permanent table with a retention time of 0 days.
- B. Create it as a temporary table with a retention time of 0 days.
- C. Create it as a transient table with a retention time of 0 days.
- D. Create it as an external table, which will not incur Time Travel costs.
正解:C
解説:
Explanation
According to the Snowflake documentation1, a transient table is a type of table that does not support Time Travel or Fail-safe, which means that it does not incur any storage costs for maintaining historical versions of the data or backups for disaster recovery. A transient table can be dropped at any time, and the data is not recoverable. A transient table can also have a retention time of 0 days, which means that the data is deleted immediately after the table is dropped or truncated. Therefore, creating the staging table as a transient table with a retention time of 0 days can minimize the storage costs and maximize the performance, as the data is only loaded and transformed once, and then deleted after the production tables are populated. Option A is incorrect because creating the staging table as an external table, which references data files stored in a cloud storage location, can incur additional costs and complexity for data transfer and synchronization, and may not provide the best performance for data loading and transformation. Option C is incorrect because creating the staging table as a temporary table, which is automatically dropped when the session ends or the user logs out, can cause data loss or inconsistency if the session is interrupted or terminated before the production tables are populated. Option D is incorrect because creating the staging table as a permanent table, which supports Time Travel and Fail-safe, can incur additional storage costs for maintaining historical versions of the data and backups for disaster recovery, and may not provide the best performance for data loading and transformation.
質問 # 44
What are characteristics of data replication in Snowflake? (Select THREE).
- A. To start replication run the ALTER DATABASE ... REFRESH command on the account where the secondary database resides.
- B. The ALTER DATABASE ... ENABLE REPLICATION TO ACCOUNTS command must be issued from the primary account.
- C. Users must be granted REPLICATIONADMIN privileges in order to enable replication.
- D. Replication can only occur within the same cloud provider.
- E. Databases created from shares can be replicated.
- F. Users can have unlimited primary databases and they can be replicated to an unlimited number of accounts if all accounts are within the same organization.
正解:B、E、F
解説:
* Option A is correct because the ALTER DATABASE ... ENABLE REPLICATION TO ACCOUNTS command must be issued from the primary account that owns the database to be replicated1.
* Option B is incorrect because users must be granted REPLICATIONGRANTER privileges in order to enable replication1.
* Option C is incorrect because to start replication, the ALTER DATABASE ... REFRESH command must be run on the primary database, not the secondary database1.
* Option D is incorrect because replication can occur across different cloud providers, as well as across regions2.
* Option E is correct because databases created from shares can be replicated, as long as the share is active and the database is not dropped or altered1.
* Option F is correct because users can have unlimited primary databases and they can be replicated to an unlimited number of accounts if all accounts are within the same organization1.
質問 # 45
A Snowflake Administrator has a multi-cluster virtual warehouse and is using the Snowflake Business Critical edition. The minimum number of clusters is set to 2 and the maximum number of clusters is set to 10. This configuration works well for the standard workload, rarely exceeding 5 running clusters. However, once a month the Administrator notes that there are a few complex long-running queries that are causing increased queue time and the warehouse reaches its maximum limit at 10 clusters.
Which solutions will address the issues happening once a month? (Select TWO).
- A. Use a task to increase the cluster size for the time period that the more complex queries are running and another task to reduce the size of the cluster once the complex queries complete.
- B. Increase the minimum number of clusters started in the multi-cluster configuration to 5.
- C. Examine the complex queries and determine if they can be made more efficient usingclustering keys or materialized views.
- D. Have the group running the complex monthly queries use a separate appropriately-sized warehouse to support their workload.
- E. Increase the multi-cluster maximum to 20 or more clusters.
正解:A、D
解説:
Explanation
According to the Snowflake documentation1, a multi-cluster warehouse is a virtual warehouse that consists of multiple clusters of compute resources that can scale up or down automatically to handle the concurrency and performance needs of the queries submitted to the warehouse. A multi-cluster warehouse has a minimum and maximum number of clusters that can be specified by the administrator. Option A is a possible solution to address the issues happening once a month, as it allows the administrator to use a task to increase the cluster size for the time period that the more complex queries are running and another task to reduce the size of the cluster once the complex queries complete. This way, the warehouse can have more resources available to handle the complex queries without reaching the maximum limit of 10 clusters, and then return to the normal cluster size to save costs. Option B is another possible solution to address the issues happening once a month, as it allows the administrator to have the group running the complex monthly queries use a separate appropriately-sized warehouse to support their workload. This way, the warehouse can isolate the complex queries from the standard workload and avoid queue time and resource contention. Option C is not a recommended solution to address the issues happening once a month, as it would increase the costs and complexity of managing the multi-cluster warehouse, and may not solve the underlying problem of inefficient queries. Option D is a good practice to improve the performance of the queries, but it is not a direct solution to address the issues happening once a month, as it requires analyzing and optimizing the complex queries using clustering keys or materialized views, which may not be feasible or effective in all cases. Option E is not a recommended solution to address the issues happening once a month, as it would increase the costs and waste resources by starting more clusters than needed for the standard workload.
質問 # 46
Which commands can be performed by a user with the ORGADMIN role but not the ACCOUNTADMIN role? (Select TWO).
- A. SELECT SYSTEM$GLOBAL_ACCOUNT_SET_PARAMETER (
'ACCOUNT LOCATOR',
'ENABLE ACCOUNT DATABASE_REPLICATION',
'true'
); - B. SHOW REGIONS;
- C. GRANT ROLE ORGADMIN TO USER <username>;
- D. SHOW USERS;
- E. SHOW ORGANIZATION ACCOUNTS;
正解:A、E
解説:
Explanation
According to the Snowflake documentation1, the ORGADMIN role is a special system role that is responsible for managing operations at the organization level, such as creating and viewing accounts, enabling database replication, and setting global account parameters. The ACCOUNTADMIN role is a system role that is responsible for managing operations at the account level, such as creating and managing users, roles, warehouses, databases, and shares. Therefore, the commands that can be performed by the ORGADMIN role but not the ACCOUNTADMIN role are:
*SHOW ORGANIZATION ACCOUNTS: This command lists all the accounts in the organization and their properties, such as region, edition, and status2. The ACCOUNTADMIN role can only show the current account and its properties using the SHOW ACCOUNTS command3.
*SELECT SYSTEM$GLOBAL_ACCOUNT_SET_PARAMETER: This function sets a global account parameter for an account in the organization, such as enabling account database replication4. The ACCOUNTADMIN role can only set local account parameters using the ALTER ACCOUNT command.
Option A is incorrect because the SHOW REGIONS command can be executed by any role, not just the ORGADMIN role. Option B is incorrect because the SHOW USERS command can be executed by the ACCOUNTADMIN role, as well as any role that has been granted the MONITOR privilege on the account.
Option D is incorrect because the GRANT ROLE ORGADMIN TO USER <username> command can be executed by the ACCOUNTADMIN role, as well as any role that has been granted the ORGADMIN role1.
質問 # 47
What roles can be used to create network policies within Snowflake accounts? (Select THREE).
- A. Any role with the global permission of CREATE NETWORK POLICY
- B. SECURITYADMIN
- C. ORGADMIN
- D. SYSADMIN
- E. ACCOUNTADMIN
- F. Any role that owns the database where the network policy is created
正解:A、B、E
質問 # 48
A data provider wants to share data from multiple databases with a data consumer account.
How can this be accomplished?
- A. The data provider needs to create a secure view and grant the USAGE privilege on each database referenced by the secure view.
- B. The data provider needs to create a secure view and grant the REFERENCE_USAGE privilege on each database referenced by the secure view.
- C. The data provider needs to create a secure view and must grant the REFERENCE_USAGE privilege on the database where the secure view is created.
- D. The data provider needs to create a secure view and grant the REFERENCE_USAGE privilege to a database role to include objects from multiple databases in a share
正解:B
解説:
Explanation
Option B is the correct answer because it follows the steps described in the Snowflake documentation for sharing data from multiple databases using secure views. The data provider needs to grant the REFERENCE_USAGE privilege on each database that contains objects referenced by the secure view, and the USAGE privilege only on the database where the secure view is created. Option A is incorrect because it grants the USAGE privilege instead of the REFERENCE_USAGE privilege. Option C is incorrect because it grants the REFERENCE_USAGE privilege to a database role, which is not supported. Option D is incorrect because it grants the REFERENCE_USAGE privilege on the wrong database.
質問 # 49
A Snowflake Administrator created a role ROLE_MANAGED_ACCESS and a schema SCHEMA_MANAGED_ACCESS as follows:
USE ROLE SECURITYADMIN;
CREATE ROLE ROLE_MANAGED_ACCESS;
GRANT ROLE ROLE_MANAGED_ACCESS TO ROLE SYSADMIN;
GRANT USAGE ON WAREHOUSE COMPUTE_WH TO ROLE ROLE_MANAGED_ACCESS;
GRANT ALL privileges ON DATABASE WORK TO ROLE ROLE_MANAGED_ACCESS;
USE ROLE ROLE_MANAGED_ACCESS;
CREATE SCHEMA SCHEMA_MANAGED_ACCESS WITH MANAGED ACCESS;
USE ROLE SECURITYADMIN;
GRANT SELECT, INSERT ON FUTURE TABLES IN SCHEMA SCHEMA MANAGED ACCESS to ROLE_MANAGED_ACCESS; The Administrator now wants to disable the managed access on the schema.
How can this be accomplished?
- A. USE ROLE ROLE_MANAGED_ACCESS;
DROP SCHEMA WORK. SCHEMA MANAGED_ACCESS;
CREATE SCHEMA SCHEMA_MANAGED_ACCESS WITHOUT MANAGED ACCESS;
Then recreate all needed objects. - B. ALTER SCHEMA SCHEMA MANAGED ACCESS DISABLE MANAGED ACCESS;
- C. REVOKE SELECT, INSERT ON FUTURE TABLES IN SCHEMA SCHEMA_MANAGED_ACCESS FROM ROLE_MANAGED_ACCESS; ALTER SCHEMA SCHEMA MANAGED ACCESS DISABLE MANAGED ACCESS;
- D. USE ROLE ROLE MANAGED_ACCESS;
DROP SCHEMA WORK. SCHEMA_MANAGED_ACCESS;
CREATE SCHEMA SCHEMA_MANAGED_ACCESS;
Then recreate all needed objects.
正解:B
解説:
According to the Snowflake documentation1, you can change a managed access schema to a regular schema using the ALTER SCHEMA statement with the DISABLE MANAGED ACCESS keywords. This will disable the managed access feature on the schema and revert the access control to the default behavior. Option B is incorrect because dropping and recreating the schema will also delete all the objects and metadata in the schema, which is not necessary to disable the managed access. Option C is incorrect because revoking the privileges on the future tables from the role is not required to disable the managed access. Option D is incorrect because there is no WITHOUT MANAGED ACCESS option in the CREATE SCHEMA statement.
質問 # 50
The ACCOUNTADMIN of Account 123 works with Snowflake Support to set up a Data Exchange. After the exchange is populated with listings from other Snowflake accounts, what roles in Account 123 are allowed to request and get data?
- A. Any role with IMPORT SHARE and CREATE DATABASE privileges
- B. Any role with USAGE privilege on the Data Exchange
- C. Any role that the listing provider has designated as authorized
- D. Only the ACCOUNTADMIN role, and no other roles
正解:B
解説:
Explanation
To request and get data from a Data Exchange, the role in Account 123 must have the USAGE privilege on the Data Exchange object. This privilege allows the role to view the listings and request access to the data.
According to the Snowflake documentation, "To view the listings in a data exchange, a role must have the USAGE privilege on the data exchange object. To request access to a listing, a role must have the USAGE privilege on the data exchange object and the IMPORT SHARE privilege on the account." The other options are either incorrect or not sufficient to request and get data from a Data Exchange. Option A is incorrect, as the ACCOUNTADMIN role is not the only role that can request and get data, as long as other roles have the necessary privileges. Option C is incorrect, as the IMPORT SHARE and CREATE DATABASE privileges are not required to request and get data, but only to create a database from a share after the access is granted.
Option D is incorrect, as the listing provider does not designate the authorized roles in Account 123, but only approves or denies the requests from Account 123.
質問 # 51
What SCIM integration types are supported in Snowflake? (Select THREE).
- A. Custom
- B. Amazon Web Services (AWS)
- C. Azure Active Directory (Azure AD)
- D. Google Cloud Platform (GCP)
- E. Okta
- F. Duo Security Provisioning Connector
正解:A、C、E
解説:
Explanation
According to the Snowflake documentation1, Snowflake supports SCIM 2.0 to integrate Snowflake with Okta and Microsoft Azure AD, which both function as identity providers. Snowflake also supports identity providers that are neither Okta nor Microsoft Azure (i.e. Custom). Therefore, theSCIM integration types that are supported in Snowflake are Okta, Custom, and Azure AD. Option A is incorrect because Amazon Web Services (AWS) is not a SCIM identity provider. Option B is incorrect because Google Cloud Platform (GCP) is not a SCIM identity provider. Option F is incorrect because Duo Security Provisioning Connector is not a SCIM identity provider.
質問 # 52
The following SQL command was executed:
Use role SECURITYADMIN;
Grant ownership
On future tables
In schema PROD. WORKING
To role PROD_WORKING_OWNER;
Grant role PROD_WORKING_OWNER to role SYSADMIN;
Use role ACCOUNTADMIN;
Create table PROD.WORKING.XYZ (value number) ;
Which role(s) can alter or drop table XYZ?
- A. Only the PROD_WORKING_OWNER role can alter or drop table XYZ.
- B. PROD_WORKING_OWNER, ACCOUNTADMIN, and SYSADMIN can alter or drop table XYZ.
- C. SECURITYADMIN, SYSADMIN, and ACCOUNTADMIN can alter or drop table XYZ.
- D. Because ACCOUNTADMIN created the table, only the ACCOUNTADMIN role can alter or drop table XYZ.
正解:B
解説:
According to the GRANT OWNERSHIP documentation, the ownership privilege grants full control over the table and can only be held by one role at a time. However, the current owner can also grant the ownership privilege to another role, which transfers the ownership to the new role. In this case, the SECURITYADMIN role granted the ownership privilege on future tables in the PROD.WORKING schema to the PROD_WORKING_OWNER role. This means that any table created in that schema after the grant statement will be owned by the PROD_WORKING_OWNER role. Therefore, the PROD_WORKING_OWNER role can alter or drop table XYZ, which was created by the ACCOUNTADMIN role in the PROD.WORKING schema. Additionally, the ACCOUNTADMIN role can also alter or drop table XYZ, because it is the top-level role that has all privileges on all objects in the account. Furthermore, the SYSADMIN role can also alter or drop table XYZ, because it was granted the PROD_WORKING_OWNER role by the SECURITYADMIN role. The SYSADMIN role can activate the PROD_WORKING_OWNER role and inherit its privileges, including the ownership privilege on table XYZ. The SECURITYADMIN role cannot alter or drop table XYZ, because it does not have the ownership privilege on the table, nor does it have the PROD_WORKING_OWNER role.
質問 # 53
What are characteristics of data replication in Snowflake? (Select THREE).
- A. To start replication run the ALTER DATABASE ... REFRESH command on the account where the secondary database resides.
- B. The ALTER DATABASE ... ENABLE REPLICATION TO ACCOUNTS command must be issued from the primary account.
- C. Users must be granted REPLICATIONADMIN privileges in order to enable replication.
- D. Replication can only occur within the same cloud provider.
- E. Databases created from shares can be replicated.
- F. Users can have unlimited primary databases and they can be replicated to an unlimited number of accounts if all accounts are within the same organization.
正解:B、E、F
解説:
Explanation
*Option A is correct because the ALTER DATABASE ... ENABLE REPLICATION TO ACCOUNTS command must be issued from the primary account that owns the database to be replicated1.
*Option B is incorrect because users must be granted REPLICATIONGRANTER privileges in order to enable replication1.
*Option C is incorrect because to start replication, the ALTER DATABASE ... REFRESH command must be run on the primary database, not the secondary database1.
*Option D is incorrect because replication can occur across different cloud providers, as well as across regions2.
*Option E is correct because databases created from shares can be replicated, as long as the share is active and the database is not dropped or altered1.
*Option F is correct because users can have unlimited primary databases and they can be replicated to an unlimited number of accounts if all accounts are within the same organization1.
質問 # 54
An Administrator has been asked to support the company's application team need to build a loyalty program for its customers. The customer table contains Personal Identifiable Information (PII), and the application team's role is DEVELOPER.
CREATE TABLE customer_data (
customer_first_name string,
customer_last_name string,
customer_address string,
customer_email string,
... some other columns,
);
The application team would like to access the customer data, but the email field must be obfuscated.
How can the Administrator protect the sensitive information, while maintaining the usability of the data?
- A. Use the CURRENT_ROLE and CURRENT_USER context functions to integrate with a secure view and filter the sensitive data.
- B. Create a separate table for all the non-Pll columns and grant the role DEVELOPER access to the new table.
- C. Create a view on the customer_data table to eliminate the email column by omitting it from the SELECT clause. Grant the role DEVELOPER access to the view.
- D. Use the CURRENT_ROLE context function to integrate with a masking policy on the fields that contain sensitive data.
正解:D
質問 # 55
When a role is dropped, which role inherits ownership of objects owned by the dropped role?
- A. The role executing the command
- B. The SECURITYADMIN role
- C. The role above the dropped role in the RBAC hierarchy
- D. The SYSADMIN role
正解:C
解説:
According to the Snowflake documentation1, when a role is dropped, ownership of all objects owned by the dropped role is transferred to the role that is directly above the dropped role in the role hierarchy. This is to ensure that there is always a single owner for each object in the system.
1: Drop Role | Snowflake Documentation
質問 # 56
An Administrator receives data from a Snowflake partner. The partner is sharing a dataset that contains multiple secure views. The Administrator would like to configure the data so that only certain roles can see certain secure views.
How can this be accomplished?
- A. Individually grant imported privileges onto the schema in the share.
- B. Apply RBAC directly onto the partner's shared secure views.
- C. Create views over the incoming shared database and apply the desired RBAC onto these views.
- D. Clone the data and insert it into a company-owned share and apply the desired RBAC on the new tables.
正解:C
解説:
According to the Snowflake documentation1, secure views are only exposed to authorized users who have been granted the role that owns the view. Therefore, applying RBAC directly onto the partner's shared secure views (option A) is not possible, as the administrator does not own those views. Individually granting imported privileges onto the schema in the share (option B) is also not feasible, as the privileges granted on the schema do not apply to existing secure views, only to future ones2. Cloning the data and inserting it into a company-owned share (option C) is not recommended, as it would create unnecessary duplication of data and increase storage costs. The best option is to create views over the incoming shared database and apply the desired RBAC onto these views (option D). This way, the administrator can control the access to the data based on the roles in their account, without modifying the original data or views from the partner.
質問 # 57
A team of developers created a new schema for a new project. The developers are assigned the role DEV_TEAM which was set up using the following statements:
USE ROLE SECURITYADMIN;
CREATE ROLE DEV TEAM;
GRANT USAGE, CREATE SCHEMA ON DATABASE DEV_DB01 TO ROLE DEV_TEAM;
GRANT USAGE ON WAREHOUSE DEV_WH TO ROLE DEV_TEAM;
Each team member's access is set up using the following statements:
USE ROLE SECURITYADMIN;
CREATE ROLE JDOE_PROFILE;
CREATE USER JDOE LOGIN NAME = 'JDOE' DEFAULT_ROLE='JDOE_PROFILE';
GRANT ROLE JDOE_PROFILE TO USER JDOE;
GRANT ROLE DEV_TEAM TO ROLE JDOE_PROFILE;
New tables created by any of the developers are not accessible by the team as a whole.
How can an Administrator address this problem?
- A. Assign ownership privilege to DEV_TEAM on the newly-created schema.
- B. Assign usage privilege on the virtual warehouse DEV_WH to the role JDOE_PROFILE.
- C. Set up the new schema as a managed-access schema.
- D. Set up future grants on the newly-created schemas.
正解:D
解説:
Explanation
According to the Snowflake documentation1, future grants are a way to automatically grant privileges on future objects of a specific type that are created in a database or schema. By setting up future grants on the newly-created schemas, the administrator can ensure that any tables created by the developers in those schemas will be accessible by the DEV_TEAM role, without having to grant privileges on each table individually. Option A is incorrect because assigning ownership privilege to DEV_TEAM on the newly-created schema does not grant privileges on the tables in the schema, only on the schema itself. Option B is incorrect because assigning usage privilege on the virtual warehouse DEV_WH to the role JDOE_PROFILE does not affect the access to the tables in the schemas, only the ability to use the warehouse.
Option D is incorrect because setting up the new schema as a managed-access schema does not grant privileges on the tables in the schema, but rather requires explicit grants for each table.
質問 # 58
......
最新のADA-C01合格保証付き試験問題集の認定サンプル問題:https://jp.fast2test.com/ADA-C01-premium-file.html