ADA-C01 PDF問題集リアル2024最近更新された問題 [Q26-Q43]

Share

ADA-C01 PDF問題集リアル2024最近更新された問題

リリースSnowflake ADA-C01更新された問題PDF

質問 # 26
What roles can be used to create network policies within Snowflake accounts? (Select THREE).

  • A. SECURITYADMIN
  • B. ACCOUNTADMIN
  • C. ORGADMIN
  • D. Any role with the global permission of CREATE NETWORK POLICY
  • E. SYSADMIN
  • F. Any role that owns the database where the network policy is created

正解:A、B、D

解説:
Network policies are used to restrict access to the Snowflake service and internal stages based on user IP address1. To create network policies, a role must have the global permission of CREATE NETWORK POLICY2. By default, the system-defined roles of SECURITYADMIN and ACCOUNTADMIN have this permission3. However, any other role can be granted this permission by an administrator4. Therefore, the answer is B, C, and E. The other options are incorrect because SYSADMIN and ORGADMIN do not have the CREATE NETWORK POLICY permission by default3, and network policies are not tied to specific databases5.


質問 # 27
What session parameter can be used to test the integrity of secure views based on the account that is accessing that view?

  • A. MIMIC_CONSUMER_ACCOUNT
  • B. PRODUCER_TEST_ACCT
  • C. TEST_ACCOUNT_ID
  • D. SIMULATED_DATA_SHARING_CONSUMER

正解:D

解説:
The SIMULATED_DATA_SHARING_CONSUMER session parameter allows a data provider to test the integrity of secure views based on the account that is accessing that view2. By setting this parameter to the name of the consumer account, the data provider can query the secure view and see the results that a user in the consumer account will see2. This helps to ensure that sensitive data in a shared database is not exposed to unauthorized users1. The other options are not valid session parameters in Snowflake3


質問 # 28
MY_TABLE is a table that has not been updated or modified for several days. On 01 January 2021 at 07:01, a user executed a query to update this table. The query ID is
'8e5d0ca9-005e-44e6-b858-a8f5b37c5726'. It is now 07:30 on the same day.
Which queries will allow the user to view the historical data that was in the table before this query was executed? (Select THREE).

  • A. SELECT * FROM my table WITH TIME_TRAVEL (OFFSET => -60*30);
  • B. SELECT * FROM my_table BEFORE (STATEMENT => '8e5d0ca9-005e-44e6-b858-a8f5b37c5726');
  • C. SELECT * FROM my_table AT (OFFSET => -60*30);
  • D. SELECT * FROM my table PRIOR TO STATEMENT '8e5d0ca9-005e-44e6-b858-a8f5b37c5726';
  • E. SELECT * FROM TIME_TRAVEL ('MY_TABLE', 2021-01-01 07:00:00);
  • F. SELECT * FROM my_table AT (TIMESTAMP => '2021-01-01 07:00:00' :: timestamp);

正解:B、D、F

解説:
Explanation
According to the AT | BEFORE documentation, the AT or BEFORE clause is used for Snowflake Time Travel, which allows you to query historical data from a table based on a specific point in the past. The clause can use one of the following parameters to pinpoint the exact historical data you wish to access:
*TIMESTAMP: Specifies an exact date and time to use for Time Travel.
*OFFSET: Specifies the difference in seconds from the current time to use for Time Travel.
*STATEMENT: Specifies the query ID of a statement to use as the reference point for Time Travel.
Therefore, the queries that will allow the user to view the historical data that was in the table before the query was executed are:
*B. SELECT * FROM my_table AT (TIMESTAMP => '2021-01-01 07:00:00' :: timestamp); This query uses the TIMESTAMP parameter to specify a point in time that is before the query execution time of 07:01.
*D. SELECT * FROM my table PRIOR TO STATEMENT '8e5d0ca9-005e-44e6-b858-a8f5b37c5726'; This query uses the PRIOR TO STATEMENT keyword and the STATEMENT parameter to specify a point in time that is immediately preceding the query execution time of 07:01.
*F. SELECT * FROM my_table BEFORE (STATEMENT => '8e5d0ca9-005e-44e6-b858-a8f5b37c5726'); This query uses the BEFORE keyword and the STATEMENT parameter to specify a point in time that is immediately preceding the query execution time of 07:01.
The other queries are incorrect because:
*A. SELECT * FROM my table WITH TIME_TRAVEL (OFFSET => -60*30); This query uses the OFFSET parameter to specify a point in time that is 30 minutes before the current time, which is 07:30. This is after the query execution time of 07:01, so it will not show the historical data before the query was executed.
*C. SELECT * FROM TIME_TRAVEL ('MY_TABLE', 2021-01-01 07:00:00); This query is not valid syntax for Time Travel. The TIME_TRAVEL function does not exist in Snowflake. The correct syntax is to use the AT or BEFORE clause after the table name in the FROM clause.
*E. SELECT * FROM my_table AT (OFFSET => -60*30); This query uses the AT keyword and the OFFSET parameter to specify a point in time that is 30 minutes before the current time, which is 07:30. This is equal to the query execution time of 07:01, so it will not show the historical data before the query was executed. The AT keyword specifies that the request is inclusive of any changes made by a statement or transaction with timestamp equal to the specified parameter. To exclude the changes made by the query, the BEFORE keyword should be used instead.


質問 # 29
A data provider wants to share data from multiple databases with a data consumer account.
How can this be accomplished?

  • A. The data provider needs to create a secure view and must grant the REFERENCE_USAGE privilege on the database where the secure view is created.
  • B. The data provider needs to create a secure view and grant the REFERENCE_USAGE privilege on each database referenced by the secure view.
  • C. The data provider needs to create a secure view and grant the USAGE privilege on each database referenced by the secure view.
  • D. The data provider needs to create a secure view and grant the REFERENCE_USAGE privilege to a database role to include objects from multiple databases in a share

正解:B

解説:
Option B is the correct answer because it follows the steps described in the Snowflake documentation for sharing data from multiple databases using secure views. The data provider needs to grant the REFERENCE_USAGE privilege on each database that contains objects referenced by the secure view, and the USAGE privilege only on the database where the secure view is created. Option A is incorrect because it grants the USAGE privilege instead of the REFERENCE_USAGE privilege. Option C is incorrect because it grants the REFERENCE_USAGE privilege to a database role, which is not supported. Option D is incorrect because it grants the REFERENCE_USAGE privilege on the wrong database.


質問 # 30
Which masking policy will mask a column whenever it is queried through a view owned by a role named MASKED_VIEW_ROLE?

  • A. create or replace masking policy maskString as (val string) returns string -> case when array_contains ('MASKED_VIEW_ROLE' :: variant, parse_json (current_available_roles ())) then
    '*
    else val
    end;
    ** '
  • B. create or replace masking policy maskstring as (val string) returns string -> case when is_role_in_session ('MASKED_VIEW_ROLE') then ' ** else val end;
    *,
  • C. create or replace masking policy maskString as (val string) returns string -> case when current_role() in ('MASKED_VIEW_ROLE') then ' ********* ' else val end;
  • D. create or replace masking policy maskstring as (val string) returns string -> case when invoker_role() in ('MASKED_VIEW_ROLE') then else val end;
    ' **

正解:B

解説:
Explanation
A masking policy is a SQL expression that transforms the data in a column based on the role that queries the column1. The is_role_in_session function returns true if the specified role is in the current session2. Therefore, the masking policy in option A will mask the column data with asterisks whenever it is queried through a view owned by the MASKED_VIEW_ROLE3. The other options use different functions that do not check the ownership of the view, but rather the current role, the invoker role, or the available roles in the session45.
These functions may not return the desired result if the role that owns the view is different from the role that queries the view.


質問 # 31
What SCIM integration types are supported in Snowflake? (Select THREE).

  • A. Azure Active Directory (Azure AD)
  • B. Custom
  • C. Duo Security Provisioning Connector
  • D. Google Cloud Platform (GCP)
  • E. Okta
  • F. Amazon Web Services (AWS)

正解:A、B、E

解説:
Explanation
According to the Snowflake documentation1, Snowflake supports SCIM 2.0 to integrate Snowflake with Okta and Microsoft Azure AD, which both function as identity providers. Snowflake also supports identity providers that are neither Okta nor Microsoft Azure (i.e. Custom). Therefore, theSCIM integration types that are supported in Snowflake are Okta, Custom, and Azure AD. Option A is incorrect because Amazon Web Services (AWS) is not a SCIM identity provider. Option B is incorrect because Google Cloud Platform (GCP) is not a SCIM identity provider. Option F is incorrect because Duo Security Provisioning Connector is not a SCIM identity provider.


質問 # 32
Review the output of the SHOW statement below which displays the current grants on the table DB1. S1. T1:

This statement is executed:
USE ROLE ACCOUNTADMIN;
DROP ROLE A;
What will occur?

  • A. The SELECT privilege on table DB1. S1. T1 to role B will be shown as GRANTED_BY the role ACCOUNTADMIN.
  • B. The OWNERSHIP privilege on table DB1. S1. T1 will be transferred to the ACCOUNTADMIN role.
  • C. The SELECT privileges for roles B and C will remain.
  • D. The table object DB1. S1. T1 will be dropped.

正解:C

解説:
Explanation
Dropping role A does not affect the SELECT privileges granted to roles B and C on the table DB1.S1.T1.
According to the Snowflake documentation, dropping a role revokes all privileges granted to the role, but does not revoke any privileges granted by the role. Therefore, the OWNERSHIP privilege on the table DB1.S1.T1 will be revoked from role A, but the SELECT privileges granted by role A to role B and by role B to role C will remain. The GRANTED_BY column will still show the original grantor of the privilege, not the ACCOUNTADMIN role.


質問 # 33
What are characteristics of data replication in Snowflake? (Select THREE).

  • A. Replication can only occur within the same cloud provider.
  • B. Users can have unlimited primary databases and they can be replicated to an unlimited number of accounts if all accounts are within the same organization.
  • C. The ALTER DATABASE ... ENABLE REPLICATION TO ACCOUNTS command must be issued from the primary account.
  • D. Users must be granted REPLICATIONADMIN privileges in order to enable replication.
  • E. Databases created from shares can be replicated.
  • F. To start replication run the ALTER DATABASE ... REFRESH command on the account where the secondary database resides.

正解:B、C、E

解説:
Explanation
*Option A is correct because the ALTER DATABASE ... ENABLE REPLICATION TO ACCOUNTS command must be issued from the primary account that owns the database to be replicated1.
*Option B is incorrect because users must be granted REPLICATIONGRANTER privileges in order to enable replication1.
*Option C is incorrect because to start replication, the ALTER DATABASE ... REFRESH command must be run on the primary database, not the secondary database1.
*Option D is incorrect because replication can occur across different cloud providers, as well as across regions2.
*Option E is correct because databases created from shares can be replicated, as long as the share is active and the database is not dropped or altered1.
*Option F is correct because users can have unlimited primary databases and they can be replicated to an unlimited number of accounts if all accounts are within the same organization1.


質問 # 34
.
Company A uses Snowflake to manage audio files of call recordings. Company A hired Company B, who also uses Snowflake, to transcribe the audio files for further analysis.
Company A's Administrator created a share.
What object should be added to the share to allow Company B access to the files?

  • A. A secure view with a column for the stage name and a column for the file path.
  • B. A secure view with a column for file URLs.
  • C. A secure view with a column for pre-signed URLs.
  • D. A secure view with a column for METADATA$FILENAME.

正解:C

解説:
According to the Snowflake documentation1, pre-signed URLs are required to access external files in a share. A secure view can be used to generate pre-signed URLs for the audio files stored in an external stage and expose them to the consumer account. Option A is incorrect because file URLs alone are not sufficient to access external files in a share. Option C is incorrect because METADATA$FILENAME only returns the file name, not the full path or URL. Option D is incorrect because the stage name and file path are not enough to generate pre-signed URLs.


質問 # 35
Which type of listing in the Snowflake Marketplace can be added and queried immediately?

  • A. Regional listing
  • B. Monetized listing
  • C. Standard listing
  • D. Personalized listing

正解:C

解説:
According to the Snowflake documentation1, a standard listing is a type of listing that provides free access to the full data product, with no payment required. A standard listing can be added and queried immediately by the consumer, as long as they accept the terms and conditions of the listing. A monetized listing is a type of listing that charges for access to the data product, using the pricing models offered by Snowflake. A monetized listing requires the consumer to provide payment information and agree to the billing terms before accessing the data product. A regional listing is not a type of listing, but a way to specify the regions where the listing is available. A personalized listing is a type of listing that provides limited trial access to the data product, with unlimited access to the full data product available upon request. A personalized listing requires the consumer to request access from the provider and wait for the provider to grant access before accessing the data product. Therefore, the only type of listing that can be added and queried immediately is the standard listing.


質問 # 36
An organization's sales team leverages this Snowflake query a few times a day:
SELECT CUSTOMER ID, CUSTOMER_NAME, ADDRESS, PHONE NO
FROM CUSTOMERS
WHERE LAST UPDATED BETWEEN TO_DATE (CURRENT_TIMESTAMP) AND (TO_DATE
(CURRENT_TIMESTAMP) -7);
What can the Snowflake Administrator do to optimize the use of persisted query results whenever possible?

  • A. Assign everyone on the sales team to the same security role.
  • B. Leverage the CURRENT_DATE function for date calculations.
  • C. Assign everyone on the sales team to the same virtual warehouse.
  • D. Wrap the query in a User-Defined Function (UDF) to match syntax execution.

正解:B

解説:
Explanation
According to the web search results from my predefined tool search_web, one of the factors that affects the reuse of persisted query results is the exact match of the query syntax1. If the query contains functions that return different values for successive runs, such as CURRENT_TIMESTAMP, then the query will not match the previous query and will not benefit from the cache. To avoid this, the query should use functions that return consistent values for the same day, such as CURRENT_DATE, which returns the current date without the time component2. Option A is incorrect because wrapping the query in a UDF does not guarantee the syntax match, as the UDF may also contain dynamic functions. Option B is incorrect because the virtual warehouse does not affect the persisted query results, which are stored at the account level1. Option C is incorrect because the security role does not affect the persisted query results, as long as the role has the necessary privileges to access the tables and views used in the query1.
1: Using Persisted Query Results | Snowflake Documentation 2: Date and Time Functions | Snowflake Documentation


質問 # 37
The following SQL command was executed:
Use role SECURITYADMIN;
Grant ownership
On future tables
In schema PROD. WORKING
To role PROD_WORKING_OWNER;
Grant role PROD_WORKING_OWNER to role SYSADMIN;
Use role ACCOUNTADMIN;
Create table PROD.WORKING.XYZ (value number) ;
Which role(s) can alter or drop table XYZ?

  • A. Because ACCOUNTADMIN created the table, only the ACCOUNTADMIN role can alter or drop table XYZ.
  • B. SECURITYADMIN, SYSADMIN, and ACCOUNTADMIN can alter or drop table XYZ.
  • C. PROD_WORKING_OWNER, ACCOUNTADMIN, and SYSADMIN can alter or drop table XYZ.
  • D. Only the PROD_WORKING_OWNER role can alter or drop table XYZ.

正解:C

解説:
According to the GRANT OWNERSHIP documentation, the ownership privilege grants full control over the table and can only be held by one role at a time. However, the current owner can also grant the ownership privilege to another role, which transfers the ownership to the new role. In this case, the SECURITYADMIN role granted the ownership privilege on future tables in the PROD.WORKING schema to the PROD_WORKING_OWNER role. This means that any table created in that schema after the grant statement will be owned by the PROD_WORKING_OWNER role. Therefore, the PROD_WORKING_OWNER role can alter or drop table XYZ, which was created by the ACCOUNTADMIN role in the PROD.WORKING schema. Additionally, the ACCOUNTADMIN role can also alter or drop table XYZ, because it is the top-level role that has all privileges on all objects in the account. Furthermore, the SYSADMIN role can also alter or drop table XYZ, because it was granted the PROD_WORKING_OWNER role by the SECURITYADMIN role. The SYSADMIN role can activate the PROD_WORKING_OWNER role and inherit its privileges, including the ownership privilege on table XYZ. The SECURITYADMIN role cannot alter or drop table XYZ, because it does not have the ownership privilege on the table, nor does it have the PROD_WORKING_OWNER role.


質問 # 38
What access control policy will be put into place when future grants are assigned to both database and schema objects?

  • A. Schema privileges will take precedence over database privileges.
  • B. An access policy combining both the database object and the schema object will be used, with the most restrictive policy taking precedence.
  • C. Database privileges will take precedence over schema privileges.
  • D. An access policy combining both the database object and the schema object will be used, with the most permissive policy taking precedence.

正解:A

解説:
When future grants are defined on the same object type for a database and a schema in the same database, the schema-level grants take precedence over the database level grants, and the database level grants are ignored4. This behavior applies to privileges on future objects granted to one role or different roles4. Future grants allow defining an initial set of privileges to grant on new (i.e. future) objects of a certain type in a database or a schema3. As soon as the new objects are created inside the database or schema, the predefined set of privileges are assigned to the object automatically without any manual intervention3.


質問 # 39
A Snowflake organization MYORG consists of two Snowflake accounts:

The ACCOUNT1 has a database PROD_DB and the ORGADMIN role enabled.
Management wants to have the PROD_DB database replicated to ACCOUNT2.
Are there any necessary configuration steps in ACCOUNT1 before the database replication can be configured and initiated in ACCOUNT2?

  • A. USE ROLE ORGADMIN;
    SELECT SYSTEMSGLOBAL ACCOUNT SET_PARAMETER ( 'MYORG. ACCOUNT1',
    'ENABLE_ACCOUNT_DATABASE_REPLICATION', 'TRUE');
    USE ROLE ACCOUNTADMIN;
    ALTER DATABASE PROD_DB ENABLE REPLICATION TO ACCOUNTS MYORG. ACCOUNT2
    IGNORE EDITION CHECK;
  • B. No configuration steps are necessary in ACCOUNT1. Replicating databases across accounts within the same Snowflake organization is enabled by default.
  • C. It is not possible to replicate a database from an Enterprise edition Snowflake account to a Standard edition Snowflake account.
  • D. USE ROLE ORGADMIN;
    SELECT SYSTEMSGLOBAL_ACCOUNT_SET_PARAMETER ('MYORG. ACCOUNT1',
    'ENABLE_ACCOUNT_DATABASE_REPLICATION', 'TRUE');
    SELECT SYSTEMSGLOBAL_ACCOUNT_SET_PARAMETER ('MYORG. ACCOUNT2',
    'ENABLE_ACCOUNT_DATABASE_REPLICATION', 'TRUE');
    USE ROLE ACCOUNTADMIN;
    ALTER DATABASE PROD DB ENABLE REPLICATION TO ACCOUNTS MYORG. ACCOUNT2;

正解:A

解説:
Explanation
According to the Snowflake documentation1, database replication across accounts within the same organization requires the following steps:
*Link the accounts in the organization using the ORGADMIN role.
*Enable account database replication for both the source and target accounts using the SYSTEM$GLOBAL_ACCOUNT_SET_PARAMETER function.
*Promote a local database to serve as the primary database and enable replication to the target accounts using the ALTER DATABASE ... ENABLE REPLICATION TO ACCOUNTS command.
*Create a secondary database in the target account using the CREATE DATABASE ... FROM SHARE command.
*Refresh the secondary database periodically using the ALTER DATABASE ... REFRESH command.
Option A is incorrect because it does not include the step of creating a secondary database in the target account. Option C is incorrect because replicating databases across accounts within the same organization is not enabled by default, but requires enabling account database replication for both the source and target accounts. Option D is incorrect because it is possible to replicate a database from an Enterprise edition Snowflake account to a Standard edition Snowflake account, as long as the IGNORE EDITION CHECK option is used in the ALTER DATABASE ... ENABLE REPLICATION TO ACCOUNTS command2.
Option B is correct because it includes all the necessary configuration steps in ACCOUNT1, except for creating a secondary database in ACCOUNT2, which can be done after the replication is enabled.


質問 # 40
A Snowflake Administrator wants to create a virtual warehouse that supports several dashboards, issuing various queries on the same database.
For this warehouse, why should the Administrator consider setting AUTO_SUSPEND to 0 or NULL?

  • A. To keep the data cache warm to support good performance of similar queries
  • B. To save costs on warehouse shutdowns and startups for different queries
  • C. To keep the query result cache warm for good performance on repeated queries
  • D. To save costs by running the warehouse as little as possible

正解:A

解説:
Explanation
According to the Snowflake documentation1, the AUTO_SUSPEND property specifies the number of seconds of inactivity after which a warehouse is automatically suspended. If the property is set to 0 or NULL, the warehouse never suspends automatically. For a warehouse that supports several dashboards, issuing various queries on the same database, setting AUTO_SUSPEND to 0 or NULL can help to keep the data cache warm, which means that the data used by the queries is already loaded into the warehouse memory and does not need to be fetched from the storage layer. This can improve the performance of similar queries that access the same data. Option A is incorrect because setting AUTO_SUSPEND to 0 or NULL does not save costs on warehouse shutdowns and startups, but rather increases the costs by keeping the warehouse running continuously. Option B is incorrect because setting AUTO_SUSPEND to 0 or NULL does not run the warehouse as little as possible, but rather runs the warehouse as much as possible. Option D is incorrect because setting AUTO_SUSPEND to 0 or NULL does not affect the query result cache, which is a separate cache that stores the results of previous queries for a period of time. The query result cache is not dependent on the warehouse state, but on the query criteria2.


質問 # 41
In which scenario will use of an external table simplify a data pipeline?

  • A. When accessing a Snowflake table that references data files located in cloud storage
  • B. When accessing a Snowflake table from a relational database
  • C. When accessing a Snowflake table from an external database within the same region
  • D. When continuously writing data from a Snowflake table to external storage

正解:A

解説:
According to the Introduction to External Tables documentation, an external table is a Snowflake feature that allows you to query data stored in an external stage as if the data were inside a table in Snowflake. The external stage is not part of Snowflake, so Snowflake does not store or manage the stage. This simplifies the data pipeline by eliminating the need to load the data into Snowflake before querying it. External tables can access data stored in any format that the COPY INTO <table> command supports, such as CSV, JSON, AVRO, ORC, or PARQUET. The other scenarios do not involve external tables, but rather require data loading, unloading, or federation.


質問 # 42
Which commands can be performed by a user with the ORGADMIN role but not the ACCOUNTADMIN role? (Select TWO).

  • A. SHOW USERS;
  • B. SHOW ORGANIZATION ACCOUNTS;
  • C. SHOW REGIONS;
  • D. GRANT ROLE ORGADMIN TO USER <username>;
  • E. SELECT SYSTEM$GLOBAL_ACCOUNT_SET_PARAMETER (
    'ACCOUNT LOCATOR',
    'ENABLE ACCOUNT DATABASE_REPLICATION',
    'true'
    );

正解:B、E

解説:
According to the Snowflake documentation1, the ORGADMIN role is a special system role that is responsible for managing operations at the organization level, such as creating and viewing accounts, enabling database replication, and setting global account parameters. The ACCOUNTADMIN role is a system role that is responsible for managing operations at the account level, such as creating and managing users, roles, warehouses, databases, and shares. Therefore, the commands that can be performed by the ORGADMIN role but not the ACCOUNTADMIN role are:
* SHOW ORGANIZATION ACCOUNTS: This command lists all the accounts in the organization and their properties, such as region, edition, and status2. The ACCOUNTADMIN role can only show the current account and its properties using the SHOW ACCOUNTS command3.
* SELECT SYSTEM$GLOBAL_ACCOUNT_SET_PARAMETER: This function sets a global account parameter for an account in the organization, such as enabling account database replication4. The ACCOUNTADMIN role can only set local account parameters using the ALTER ACCOUNT command.
Option A is incorrect because the SHOW REGIONS command can be executed by any role, not just the ORGADMIN role. Option B is incorrect because the SHOW USERS command can be executed by the ACCOUNTADMIN role, as well as any role that has been granted the MONITOR privilege on the account. Option D is incorrect because the GRANT ROLE ORGADMIN TO USER <username> command can be executed by the ACCOUNTADMIN role, as well as any role that has been granted the ORGADMIN role1.


質問 # 43
......

ADA-C01問題集と練習テスト(74試験問題):https://jp.fast2test.com/ADA-C01-premium-file.html


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어