[Q37-Q61] テスト資料ADA-C01テストエンジン試験問題はここにある[2025年12月]

Share

テスト資料ADA-C01テストエンジン試験問題はここにある[2025年12月]

合格突破受験者シミュレーションされたADA-C01試験PDF問題を試そう


Snowflake ADA-C01 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • Manage and implement data sharing
  • Given a set of business requirements, establish access control architecture
トピック 2
  • Implement and manage data governance in Snowflake
  • Data Sharing, Data Exchange, and Snowflake Marketplace
トピック 3
  • Snowflake Security, Role-Based Access Control (RBAC), and User Administration
  • Disaster Recovery, Backup, and Data Replication
トピック 4
  • Interpret and make recommendations for data clustering
  • Manage DML locking and concurrency in Snowflake

 

質問 # 37
What access control policy will be put into place when future grants are assigned to both database and schema objects?

  • A. An access policy combining both the database object and the schema object will be used, with the most permissive policy taking precedence.
  • B. Database privileges will take precedence over schema privileges.
  • C. Schema privileges will take precedence over database privileges.
  • D. An access policy combining both the database object and the schema object will be used, with the most restrictive policy taking precedence.

正解:C

解説:
When future grants are defined on the same object type for a database and a schema in the same database, the schema-level grants take precedence over the database level grants, and the database level grants are ignored4. This behavior applies to privileges on future objects granted to one role or different roles4. Future grants allow defining an initial set of privileges to grant on new (i.e. future) objects of a certain type in a database or a schema3. As soon as the new objects are created inside the database or schema, the predefined set of privileges are assigned to the object automatically without any manual intervention3.


質問 # 38
An Administrator loads data into a staging table every day. Once loaded, users from several different departments perform transformations on the data and load it into different production tables.
How should the staging table be created and used to MINIMIZE storage costs and MAXIMIZE performance?

  • A. Create it as an external table, which will not incur Time Travel costs.
  • B. Create it as a transient table with a retention time of 0 days.
  • C. Create it as a permanent table with a retention time of 0 days.
  • D. Create it as a temporary table with a retention time of 0 days.

正解:B

解説:
Explanation
According to the Snowflake documentation1, a transient table is a type of table that does not support Time Travel or Fail-safe, which means that it does not incur any storage costs for maintaining historical versions of the data or backups for disaster recovery. A transient table can be dropped at any time, and the data is not recoverable. A transient table can also have a retention time of 0 days, which means that the data is deleted immediately after the table is dropped or truncated. Therefore, creating the staging table as a transient table with a retention time of 0 days can minimize the storage costs and maximize the performance, as the data is only loaded and transformed once, and then deleted after the production tables are populated. Option A is incorrect because creating the staging table as an external table, which references data files stored in a cloud storage location, can incur additional costs and complexity for data transfer and synchronization, and may not provide the best performance for data loading and transformation. Option C is incorrect because creating the staging table as a temporary table, which is automatically dropped when the session ends or the user logs out, can cause data loss or inconsistency if the session is interrupted or terminated before the production tables are populated. Option D is incorrect because creating the staging table as a permanent table, which supports Time Travel and Fail-safe, can incur additional storage costs for maintaining historical versions of the data and backups for disaster recovery, and may not provide the best performance for data loading and transformation.


質問 # 39
A company enabled replication between accounts and is ready to replicate data across regions in the same cloud service provider.
The primary database object is : PROD_AWS_EAST. Location : AWS_EAST
The secondary database object is : PROD_AWS_WEST. Location : AWS_WEST
What command and account location is needed to refresh the data?

  • A. Location : AWS_WEST
    Command : ALTER DATABASE PROD AWS WEST REFRESH;
  • B. Location : AWS EAST
    Command: ALTER DATABASE PROD_AWS_WEST REFRESH;
  • C. Location : AWS_EAST
    Command : REFRESH DATABASE PROD_AWS_WEST REFRESH;
  • D. Location : AWS_WEST
    Command : REFRESH DATABASE PROD_AWS WEST REFRESH;

正解:D

解説:
The REFRESH DATABASE command is used to refresh a secondary database with the latest data and metadata from the primary database1. The command must be executed in the target account where the secondary database resides2. Therefore, the answer is A, as the location is AWS_WEST and the command is REFRESH DATABASE PROD_AWS_WEST REFRESH. The other options are incorrect because they either use the wrong location, the wrong command, or the wrong database name.


質問 # 40
A Snowflake Administrator is investigating why a query is not re-using the persisted result cache.
The Administrator found the two relevant queries from the SNOWFLAKE. ACCOUNT_USAGE. QUERY_HISTORY view:

Why is the second query re-scanning micro-partitions instead of using the first query's persisted result cache?

  • A. The queries are executed with two different virtual warehouses.
  • B. The second query includes a CURRENT_DATE () function.
  • C. The second query includes a CURRENT_TIMESTAMP () function.
  • D. The queries are executed with two different roles.

正解:C

解説:
The inclusion of the CURRENT_TIMESTAMP() function in the second query prevents it from re-using the first query's persisted result cache because this function makes each execution unique due to the constantly changing timestamp. According to the Snowflake documentation, "The query does not include non-reusable functions, which return different results for successive runs of the same query. UUID_STRING, RANDOM, and RANDSTR are good examples of non-reusable functions." The CURRENT_TIMESTAMP() function is another example of a non-reusable function, as it returns the current date and time at the start of query execution, which varies for each run. Therefore, the second query is not identical to the first query, and the result cache is not reused. The other options are either incorrect or irrelevant to the question. Option B is incorrect, as the CURRENT_DATE() function is a reusable function, as it returns the same value for all queries executed within the same day. Option C is irrelevant, as the virtual warehouse used to execute the query does not affect the result cache reuse. Option D is also irrelevant, as the role used to execute the query does not affect the result cache reuse, as long as the role has the necessary access privileges for all the tables used in the query.


質問 # 41
What is required for stages, without credentials, to limit data exfiltration after a storage integration and associated stages are created?

  • A. ALTER ACCOUNT my_account SET
    REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_CREATION = true;
    ALTER ACCOUNT my_account SET
    REQUIRE_STORAGE_INTEGRATION FOR STAGE_OPERATION = true;
    ALTER ACCOUNT my_account SET
    PREVENT_UNLOAD_TO_INLINE_URL = true;
  • B. ALTER ACCOUNT my_account SET
    REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_CREATION = true;
    ALTER ACCOUNT my_account SET
    REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_OPERATION = true;
    ALTER ACCOUNT my_account SET
    PREVENT_UNLOAD_TO_INLINE_URL = false;
  • C. ALTER ACCOUNT my_account SET
    REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_CREATION = false;
    ALTER ACCOUNT my_account SET
    REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_OPERATION = false;
    ALTER ACCOUNT my_account SET
    PREVENT_UNLOAD_TO_INLINE_URL = false;
  • D. ALTER ACCOUNT my_account SET
    REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_CREATION = false;
    ALTER ACCOUNT my_account SET
    REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_OPERATION = false;
    ALTER ACCOUNT my_account SET
    PREVENT_UNLOAD_TO_INLINE_URL = true;

正解:A

解説:
According to the Snowflake documentation1, stages without credentials are a way to create external stages that use storage integrations to access data files in cloud storage without providing any credentials to Snowflake. Storage integrations are objects that define a trust relationship between Snowflake and a cloud provider, allowing Snowflake to authenticate and authorize access to the cloud storage. To limit data exfiltration after a storage integration and associated stages are created, the following account-level parameters can be set:
* REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_CREATION: This parameter enforces that all external stages must be created using a storage integration. This prevents users from creating external stages with inline credentials or URLs that point to unauthorized locations.
* REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_OPERATION: This parameter enforces that all operations on external stages, such as PUT, GET, COPY, and LIST, must use a storage integration. This prevents users from performing operations on external stages with inline credentials or URLs that point to unauthorized locations.
* PREVENT_UNLOAD_TO_INLINE_URL: This parameter prevents users from unloading data from Snowflake tables to inline URLs that do not use a storage integration. This prevents users from exporting data to unauthorized locations.
Therefore, the correct answer is option D, which sets all these parameters to true. Option A is incorrect because it sets PREVENT_UNLOAD_TO_INLINE_URL to false, which allows users to unload data to inline URLs that do not use a storage integration. Option B is incorrect because it sets both REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_CREATION and REQUIRE_STORAGE_INTEGRATION_FOR_STAGE_OPERATION to false, which allows users to create and operate on external stages without using a storage integration. Option C is incorrect because it sets all the parameters to false, which does not enforce any restrictions on data exfiltration.


質問 # 42
What role or roles should be used to properly create the object required to setup OAuth 2.0 integration?

  • A. ACCOUNTADMIN only
  • B. Any role with GRANT USAGE on SECURITY INTEGRATION
  • C. ACCOUNTADMIN and SYSADMIN
  • D. ACCOUNTADMIN and SECURITYADMIN

正解:A

解説:
According to the Using OAuth 2.0 with Snowflake - Blog, only the ACCOUNTADMIN role can create and manage integrations, so an administrator must assume that role when creating a security integration for OAuth. The other roles do not have the necessary privileges to create the object required to setup OAuth 2.0 integration.


質問 # 43
A virtual warehouse report_wh is configured with AUTO_RESUME=TRUE and AUTO_SUSPEND=300. A user has been granted the role accountant.
An application with the accountant role should use this warehouse to run financial reports, and should keep track of compute credits used by the warehouse.
What minimal privileges on the warehouse should be granted to the role to meet the requirements for the application? (Select TWO).

  • A. OPERATE
  • B. OWNERSHIP
  • C. MONITOR
  • D. USAGE
  • E. MODIFY

正解:C、D

解説:
Explanation
According to the Snowflake documentation1, the MONITOR privilege on a warehouse grants the ability to view the warehouse usage and performance metrics, such as the number of credits consumed, the average and maximum run time, and the number of queries executed. The USAGE privilege on a warehouse grants the ability to use the warehouse to execute queries and load data. Therefore, the minimal privileges on the warehouse that should be granted to the role to meet the requirements for the application are MONITOR and USAGE. Option A is incorrect because the OPERATE privilege on a warehouse grants the ability to start, stop, resume, and suspend the warehouse, which is not required for the application. Option B is incorrect because the MODIFY privilege on a warehouse grants the ability to alter the warehouse properties, such as the size, auto-suspend, and auto-resume settings, which is not required for the application. Option E is incorrect because the OWNERSHIP privilege on a warehouse grants the ability to drop the warehouse, grant or revoke privileges on the warehouse, and transfer the ownership to another role, which is not required for the application.


質問 # 44
What session parameter can be used to test the integrity of secure views based on the account that is accessing that view?

  • A. SIMULATED_DATA_SHARING_CONSUMER
  • B. MIMIC_CONSUMER_ACCOUNT
  • C. TEST_ACCOUNT_ID
  • D. PRODUCER_TEST_ACCT

正解:A

解説:
Explanation
The SIMULATED_DATA_SHARING_CONSUMER session parameter allows a data provider to test the integrity of secure views based on the account that is accessing that view2. By setting this parameter to the name of the consumer account, the data provider can query the secure view and see the results that a user in the consumer account will see2. This helps to ensure that sensitive data in a shared database is not exposed to unauthorized users1. The other options are not valid session parameters in Snowflake3


質問 # 45
Which tasks can be performed by the ORGADMIN role? (Select THREE).

  • A. View usage information for all accounts in the organization.
  • B. View a list of all regions enabled for the organization.
  • C. Perform zero-copy cloning on account data.
  • D. Create one or more accounts in the organization.
  • E. Create secure views on application tables within the organization.
  • F. Create a reader account to share data with another organization.

正解:A、B、D

解説:
Explanation
A user with the ORGADMIN role can perform the following tasks1:
*Create one or more accounts in the organization.
*View a list of all regions enabled for the organization.
*View usage information for all accounts in the organization.
Option C is incorrect because creating secure views on application tables is not a function of the ORGADMIN role, but rather a function of the roles that have access to the tables and schemas within the accounts. Option E is incorrect because performing zero-copy cloning on account data is not a function of the ORGADMIN role, but rather a function of the roles that have the CLONE privilege on the objects within the accounts. Option F is incorrect because creating a reader account to share data with another organization is not a function of the ORGADMIN role, but rather a function of the roles that have the CREATE SHARE privilege on the objects within the accounts.


質問 # 46
A Snowflake Administrator is investigating why a query is not re-using the persisted result cache.
The Administrator found the two relevant queries from the SNOWFLAKE. ACCOUNT_USAGE.
QUERY_HISTORY view:

Why is the second query re-scanning micro-partitions instead of using the first query's persisted result cache?

  • A. The second query includes a CURRENT_TIMESTAMP () function.
  • B. The second query includes a CURRENT_DATE () function.
  • C. The queries are executed with two different roles.
  • D. The queries are executed with two different virtual warehouses.

正解:D

解説:
Explanation
The inclusion of the CURRENT_TIMESTAMP() function in the second query prevents it from re-using the first query's persisted result cache because this function makes each execution unique due to the constantly changing timestamp. According to the Snowflake documentation, "The query does not include non-reusable functions, which return different results for successive runs of the same query. UUID_STRING, RANDOM, and RANDSTR are good examples of non-reusable functions." The CURRENT_TIMESTAMP() function is another example of a non-reusable function, as it returns the current date and time at the start of query execution, which varies for each run. Therefore, the second query is not identical to the first query, and the result cache is not reused. The other options are either incorrect or irrelevant to the question. Option B is incorrect, as the CURRENT_DATE() function is a reusable function, as it returns the same value for all queries executed within the same day. Option C is irrelevant, as the virtual warehouse used to execute the query does not affect the result cache reuse. Option D is also irrelevant, as the role used to execute the query does not affect the result cache reuse, as long as the role has the necessary access privileges for all the tables used in the query.


質問 # 47
A requirement has been identified to allow members of a corporate Data Product team to bring in data sets from the Snowflake Marketplace. The members of this team use the role DP_TEAM.
What grant statements must the ACCOUNTADMIN execute in order for the DP TEAM role to import and work with data from the Marketplace?

  • A. grant marketplace in account to role dp_team;
    grant create database from share to role dp_team;
  • B. grant usage on snowflake_marketplace to role dp_team;
    grant create database on account to role dp_team;
  • C. grant imported privileges on account to role dp_team;
    grant create database on account to role dp_team;
  • D. grant import share on account to role dp_team;
    grant create database on account to role dp_team;

正解:D

解説:
Explanation
Option D is the correct answer because it follows the steps described in the Snowflake documentation for importing data from the Snowflake Marketplace. The ACCOUNTADMIN role needs to grant the IMPORT SHARE privilege on the account to the DP_TEAM role, which allows the role to import data from any provider in the marketplace. The ACCOUNTADMIN role also needs to grant the CREATE DATABASE privilege on the account to the DP_TEAM role, which allows the role to create a database from a share. Option A is incorrect because there is no MARKETPLACE privilege in Snowflake. Option B is incorrect because the USAGE privilege on SNOWFLAKE_MARKETPLACE is not sufficient to import data from the marketplace.
Option C is incorrect because there is no IMPORTED PRIVILEGES privilege in Snowflake.


質問 # 48
A company's Snowflake account has multiple roles. Each role should have access only to data that resides in the given role's specific region.
When creating a row access policy, which code snippet below will provide privileges to the role ALL_ACCESS_ROLE to see all rows regardless of region, while the other roles can only see rows for their own regions?

  • A. create or replace row access policy region policy as (region_value varchar) returns boolean ->
    'ALL ACCESS_ROLE' = current_role ()
    and exists (
    select 1 from entitlement_table
    where role = current_role ()
    and region = region_value
    )
  • B. create or replace row access policy region policy as (region_value varchar) returns boolean ->
    'ALL_ACCESS_ROLE' = current_role ()
    or exists (
    select 1 from entitlement_table
    where role = current_role ()
    and region = region_value
    )
  • C. create or replace row access policy region policy as (region_value varchar) returns boolean ->
    'ALL ACCESS ROLE' = current_role ()
    )
  • D. create or replace row access policy region policy as (region_value varchar) returns boolean -> exists ( select 1 from entitlement_table where role = current_role () and region = region_value )

正解:B

解説:
This code snippet will create a row access policy that returns true if the current role is ALL_ACCESS_ROLE or if the current role matches the region value in the entitlement_table. This means that the ALL_ACCESS_ROLE can see all rows regardless of region, while the other roles can only see rows for their own regions. According to the Snowflake documentation, the CURRENT_ROLE context function returns the name of the current role for the session. The EXISTS function returns true if the subquery returns any rows. The OR operator returns true if either operand is true. Therefore, this code snippet satisfies the requirements of the question.


質問 # 49
A company's Snowflake account has multiple roles. Each role should have access only to data that resides in the given role's specific region.
When creating a row access policy, which code snippet below will provide privileges to the role ALL_ACCESS_ROLE to see all rows regardless of region, while the other roles can only see rows for their own regions?

  • A. create or replace row access policy region policy as (region_value varchar) returns boolean ->
    'ALL ACCESS_ROLE' = current_role ()
    and exists (
    select 1 from entitlement_table
    where role = current_role ()
    and region = region_value
    )
  • B. create or replace row access policy region policy as (region_value varchar) returns boolean ->
    'ALL_ACCESS_ROLE' = current_role ()
    or exists (
    select 1 from entitlement_table
    where role = current_role ()
    and region = region_value
    )
  • C. create or replace row access policy region policy as (region_value varchar) returns boolean ->
    'ALL ACCESS ROLE' = current_role ()
    )
  • D. create or replace row access policy region policy as (region_value varchar) returns boolean -> exists ( select 1 from entitlement_table where role = current_role () and region = region_value )

正解:B

解説:
Explanation
This code snippet will create a row access policy that returns true if the current role is ALL_ACCESS_ROLE or if the current role matches the region value in the entitlement_table. This means that the ALL_ACCESS_ROLE can see all rows regardless of region, while the other roles can only see rows for their own regions. According to the Snowflake documentation, the CURRENT_ROLE context function returns the name of the current role for the session. The EXISTS function returns true if the subquery returns any rows.
The OR operator returns true if either operand is true. Therefore, this code snippet satisfies the requirements of the question.


質問 # 50
Which Snowflake objects can be managed using SCIM integration? (Select TWO).

  • A. Users
  • B. Warehouses
  • C. Shares
  • D. Roles
  • E. Stages

正解:A、D

解説:
Explanation
A SCIM security integration allows the automated management of user identities and groups (i.e. roles) by creating an interface between Snowflake and a third-party Identity Provider (IdP)1. Snowflake supports SCIM integration with Okta, Azure, and custom SCIM clients2. SCIM integration does not support managing other Snowflake objects, such as stages, warehouses, or shares3. Therefore, the answer is B. Users and D. Roles.


質問 # 51
What SCIM integration types are supported in Snowflake? (Select THREE).

  • A. Google Cloud Platform (GCP)
  • B. Duo Security Provisioning Connector
  • C. Custom
  • D. Azure Active Directory (Azure AD)
  • E. Okta
  • F. Amazon Web Services (AWS)

正解:C、D、E

解説:
According to the Snowflake documentation1, Snowflake supports SCIM 2.0 to integrate Snowflake with Okta and Microsoft Azure AD, which both function as identity providers. Snowflake also supports identity providers that are neither Okta nor Microsoft Azure (i.e. Custom). Therefore, the SCIM integration types that are supported in Snowflake are Okta, Custom, and Azure AD. Option A is incorrect because Amazon Web Services (AWS) is not a SCIM identity provider. Option B is incorrect because Google Cloud Platform (GCP) is not a SCIM identity provider. Option F is incorrect because Duo Security Provisioning Connector is not a SCIM identity provider.


質問 # 52
An Administrator is evaluating a complex query using the EXPLAIN command. The Globalstats operation indicates 500 partitionsAssigned.
The Administrator then runs the query to completion and opens the Query Profile. They notice that the partitions scanned value is 429.
Why might the actual partitions scanned be lower than the estimate from the EXPLAIN output?

  • A. The EXPLAIN results always include a 10-15% safety factor in order to provide conservative estimates.
  • B. In-flight data compression will result in fewer micro-partitions being scanned at the virtual warehouse layer than were identified at the storage layer.
  • C. The GlobalStats partition assignment includes the micro-partitions that will be assigned for preservation of the query results.
  • D. Runtime optimizations such as join pruning can reduce the number of partitions and bytes scanned during query execution.

正解:D

解説:
The EXPLAIN command returns the logical execution plan for a query, which shows the upper bound estimates for the number of partitions and bytes that might be scanned by the query1. However, these estimates do not account for the runtime optimizations that Snowflake performs to improve the query performance and reduce the resource consumption2. One of these optimizations is join pruning, which eliminates unnecessary partitions from the join inputs based on the join predicates2. This can result in fewer partitions and bytes scanned than the estimates from the EXPLAIN output3. Therefore, the actual partitions scanned value in the Query Profile can be lower than the partitionsAssigned value in the EXPLAIN output4.


質問 # 53
Which actions are considered breaking changes to data that is shared with consumers in the Snowflake Marketplace? (Select TWO).

  • A. Deleting data from a table
  • B. Unpublishing the data listing
  • C. Adding region availability to the listing
  • D. Dropping a column from a table
  • E. Renaming a table

正解:D、E

解説:
Explanation
According to the Snowflake documentation1, breaking changes are changes that affect the schema or structure of the shared data, such as dropping or renaming a column or a table. These changes may cause errors or unexpected results for the consumers who query the shared data. Deleting data from a table, unpublishing the data listing, or adding region availability to the listing are not breaking changes, as they do not alter the schema or structure of the shared data.
1: Managing Data Listings in Snowflake Data Marketplace | Snowflake Documentation


質問 # 54
A large international company with many operating regions requires data to be shared bi-directionally among all offices (head office to regional offices and regional offices among themselves). This company is a Snowflake account holder with European operations deployed in Microsoft Azure (single region) while North American regional offices are using AWS (single region) as their deployment cloud. This setup is required to comply with Personal Identifiable Information (PII) regulations in some of the European countries. The corporate head office is in Europe.
How can this data be shared bi-directionally, while MINIMIZING costs?

  • A. Use bi-directional data sharing among offices in the same region and replication among offices across the continents.
  • B. Use the PUT command to move files to an Amazon S3 bucket and Azure Blobs, and use an external file management application to move files within the corporate VPC.
  • C. Use data replication everywhere to reduce costs associated with same-region sharing.
  • D. Move all the Snowflake accounts to a single region, and implement data sharing.

正解:A

解説:
According to the Snowflake documentation1, data sharing is a feature that allows sharing selected objects in a database in one account with other accounts in the same organization, without copying or transferring any data. Data sharing is supported across regions and across cloud platforms, but it requires enabling account database replication for both the source and target accounts2. Data replication is a feature that allows replicating objects from a source account to one or more target accounts in the same organization, providing read-only access for the replicated objects. Data replication is also supported across regions and across cloud platforms, but it incurs additional storage costs for the replicated data2. Therefore, the best way to share data bi-directionally among all offices, while minimizing costs, is to use data sharing among offices in the same region, which does not require replication or additional storage, and use replication among offices across the continents, which provides near real-time access to the shared data. Option A is incorrect because using data replication everywhere would increase the costs associated with additional storage and compute resources for the replicated data. Option B is incorrect because using the PUT command to move files to an Amazon S3 bucket and Azure Blobs, and using an external file management application to move files within the corporate VPC, would not leverage the benefits of Snowflake's data sharing and replication features, and would also incur additional costs and complexity for data transfer and synchronization. Option C is incorrect because moving all the Snowflake accounts to a single region would violate the PII regulations in some of the European countries, and would also incur additional costs and complexity for data migration and consolidation.


質問 # 55
The following SQL command was executed:
Use role SECURITYADMIN;
Grant ownership
On future tables
In schema PROD. WORKING
To role PROD_WORKING_OWNER;
Grant role PROD_WORKING_OWNER to role SYSADMIN;
Use role ACCOUNTADMIN;
Create table PROD.WORKING.XYZ (value number) ;
Which role(s) can alter or drop table XYZ?

  • A. Because ACCOUNTADMIN created the table, only the ACCOUNTADMIN role can alter or drop table XYZ.
  • B. SECURITYADMIN, SYSADMIN, and ACCOUNTADMIN can alter or drop table XYZ.
  • C. Only the PROD_WORKING_OWNER role can alter or drop table XYZ.
  • D. PROD_WORKING_OWNER, ACCOUNTADMIN, and SYSADMIN can alter or drop table XYZ.

正解:D

解説:
Explanation
According to the GRANT OWNERSHIP documentation, the ownership privilege grants full control over the table and can only be held by one role at a time. However, the current owner can also grant the ownership privilege to another role, which transfers the ownership to the new role. In this case, the SECURITYADMIN role granted the ownership privilege on future tables in the PROD.WORKING schema to the PROD_WORKING_OWNER role. This means that any table created in that schema after the grant statement will be owned by the PROD_WORKING_OWNER role. Therefore, the PROD_WORKING_OWNER role can alter or drop table XYZ, which was created by the ACCOUNTADMIN role in the PROD.WORKING schema. Additionally, the ACCOUNTADMIN role can also alter or drop table XYZ, because it is the top-level role that has all privileges on all objects in the account. Furthermore, the SYSADMIN role can also alter or drop table XYZ, because it was granted the PROD_WORKING_OWNER role by the SECURITYADMIN role. The SYSADMIN role can activate the PROD_WORKING_OWNER role and inherit its privileges, including the ownership privilege on table XYZ. The SECURITYADMIN role cannot alter or drop table XYZ, because it does not have the ownership privilege on the table, nor does it have the PROD_WORKING_OWNER role.


質問 # 56
A team of developers created a new schema for a new project. The developers are assigned the role DEV_TEAM which was set up using the following statements:
USE ROLE SECURITYADMIN;
CREATE ROLE DEV TEAM;
GRANT USAGE, CREATE SCHEMA ON DATABASE DEV_DB01 TO ROLE DEV_TEAM;
GRANT USAGE ON WAREHOUSE DEV_WH TO ROLE DEV_TEAM;
Each team member's access is set up using the following statements:
USE ROLE SECURITYADMIN;
CREATE ROLE JDOE_PROFILE;
CREATE USER JDOE LOGIN NAME = 'JDOE' DEFAULT_ROLE='JDOE_PROFILE';
GRANT ROLE JDOE_PROFILE TO USER JDOE;
GRANT ROLE DEV_TEAM TO ROLE JDOE_PROFILE;
New tables created by any of the developers are not accessible by the team as a whole.
How can an Administrator address this problem?

  • A. Assign usage privilege on the virtual warehouse DEV_WH to the role JDOE_PROFILE.
  • B. Set up future grants on the newly-created schemas.
  • C. Assign ownership privilege to DEV_TEAM on the newly-created schema.
  • D. Set up the new schema as a managed-access schema.

正解:B

解説:
Explanation
According to the Snowflake documentation1, future grants are a way to automatically grant privileges on future objects of a specific type that are created in a database or schema. By setting up future grants on the newly-created schemas, the administrator can ensure that any tables created by the developers in those schemas will be accessible by the DEV_TEAM role, without having to grant privileges on each table individually. Option A is incorrect because assigning ownership privilege to DEV_TEAM on the newly-created schema does not grant privileges on the tables in the schema, only on the schema itself. Option B is incorrect because assigning usage privilege on the virtual warehouse DEV_WH to the role JDOE_PROFILE does not affect the access to the tables in the schemas, only the ability to use the warehouse.
Option D is incorrect because setting up the new schema as a managed-access schema does not grant privileges on the tables in the schema, but rather requires explicit grants for each table.


質問 # 57
What Snowflake capabilities are commonly used in rollback scenarios? (Select TWO).

  • A. SELECT SYSTEM$CANCEL_QUERY('problematic_query_id');
  • B. ALTER TABLE prd_table SWAP WITH prd_table_bkp;
  • C. CREATE TABLE prd_table_bkp CLONE prd_table BEFORE (STATEMENT => 'problematic_query_id');
  • D. CREATE TABLE prd_table_bkp AS SELECT * FROM TABLE(RESULT_SCAN('problematic_query_id'));
  • E. Contact Snowflake Support to retrieve Fail-safe data.

正解:B、C

解説:
Scenario: You want to rollback changes due to a problematic query (e.g., accidental data modification or corruption). Snowflake provides two powerful tools:
✅ B. CLONE ... BEFORE (STATEMENT => 'query_id')
This uses Time Travel + Zero-Copy Cloning.
You can clone a table as it existed before a specific query.
It creates a full copy of the table's state at that moment without duplicating storage.
Example:
CREATE TABLE prd_table_bkp CLONE prd_table
BEFORE (STATEMENT => '01a2b3c4-0000-0000-0000-123456789abc');
✅ D. ALTER TABLE ... SWAP WITH ...
Once you've cloned the backup, you can swap it with the live table.
This is a fast, atomic operation - ideal for rollback.
Example:
ALTER TABLE prd_table SWAP WITH prd_table_bkp;
❌ Why the Other Options Are Incorrect:
A . SELECT SYSTEM$CANCEL_QUERY(...)
Cancels a currently running query - doesn't help if the query already executed and caused damage.
C . CREATE TABLE ... AS SELECT * FROM RESULT_SCAN(...)
Reconstructs results, not the original table.
Only captures output rows, not full table state.
Not ideal for rollback.
E . Contact Snowflake Support to retrieve Fail-safe data
Fail-safe is for disaster recovery only, and only accessible by Snowflake support.
It's not intended for routine rollback or recovery and has a 7-day fixed retention (non-configurable).
SnowPro Administrator Reference:
Zero-Copy Cloning with Time Travel
ALTER TABLE SWAP
System Functions - SYSTEM$CANCEL_QUERY
Fail-safe Overview


質問 # 58
A data provider wants to share data from multiple databases with a data consumer account.
How can this be accomplished?

  • A. The data provider needs to create a secure view and must grant the REFERENCE_USAGE privilege on the database where the secure view is created.
  • B. The data provider needs to create a secure view and grant the REFERENCE_USAGE privilege on each database referenced by the secure view.
  • C. The data provider needs to create a secure view and grant the USAGE privilege on each database referenced by the secure view.
  • D. The data provider needs to create a secure view and grant the REFERENCE_USAGE privilege to a database role to include objects from multiple databases in a share

正解:B

解説:
Explanation
Option B is the correct answer because it follows the steps described in the Snowflake documentation for sharing data from multiple databases using secure views. The data provider needs to grant the REFERENCE_USAGE privilege on each database that contains objects referenced by the secure view, and the USAGE privilege only on the database where the secure view is created. Option A is incorrect because it grants the USAGE privilege instead of the REFERENCE_USAGE privilege. Option C is incorrect because it grants the REFERENCE_USAGE privilege to a database role, which is not supported. Option D is incorrect because it grants the REFERENCE_USAGE privilege on the wrong database.


質問 # 59
The ACCOUNTADMIN of Account 123 works with Snowflake Support to set up a Data Exchange. After the exchange is populated with listings from other Snowflake accounts, what roles in Account 123 are allowed to request and get data?

  • A. Only the ACCOUNTADMIN role, and no other roles
  • B. Any role with USAGE privilege on the Data Exchange
  • C. Any role with IMPORT SHARE and CREATE DATABASE privileges
  • D. Any role that the listing provider has designated as authorized

正解:B

解説:
Explanation
To request and get data from a Data Exchange, the role in Account 123 must have the USAGE privilege on the Data Exchange object. This privilege allows the role to view the listings and request access to the data.
According to the Snowflake documentation, "To view the listings in a data exchange, a role must have the USAGE privilege on the data exchange object. To request access to a listing, a role must have the USAGE privilege on the data exchange object and the IMPORT SHARE privilege on the account." The other options are either incorrect or not sufficient to request and get data from a Data Exchange. Option A is incorrect, as the ACCOUNTADMIN role is not the only role that can request and get data, as long as other roles have the necessary privileges. Option C is incorrect, as the IMPORT SHARE and CREATE DATABASE privileges are not required to request and get data, but only to create a database from a share after the access is granted.
Option D is incorrect, as the listing provider does not designate the authorized roles in Account 123, but only approves or denies the requests from Account 123.


質問 # 60
A company has many users in the role ANALYST who routinely query Snowflake through a reporting tool. The Administrator has noticed that the ANALYST users keep two small clusters busy all of the time, and occasionally they need three or four clusters of that size.
Based on this scenario, how should the Administrator set up a virtual warehouse to MOST efficiently support this group of users?

  • A. Create a multi-cluster warehouse with MIN_CLUSTERS set to 2. Set the warehouse to auto-resume and auto-suspend, and give USAGE privileges to the ANALYST role. Allow the warehouse to auto-scale.
  • B. Create a multi-cluster warehouse with MIN_CLUSTERS set to 1. Give MANAGE privileges to the ANALYST role so this group can start and stop the warehouse, and increase the number of clusters as needed.
  • C. Create four virtual warehouses (sized Small through XL) and set them to auto-suspend and auto-resume. Have users in the ANALYST role select the appropriate warehouse based on how many queries are being run.
  • D. Create a standard X-Large warehouse, which is equivalent to four small clusters. Set the warehouse to auto-resume and auto-suspend, and give USAGE privileges to the ANALYST role.

正解:A

解説:
According to the Snowflake documentation1, a multi-cluster warehouse is a virtual warehouse that consists of multiple clusters of compute resources that can scale up or down automatically to handle the concurrency and performance needs of the queries submitted to the warehouse. A multi-cluster warehouse has a minimum and maximum number of clusters that can be specified by the administrator. Option B is the most efficient way to support the group of users, as it allows the administrator to create a multi-cluster warehouse with MIN_CLUSTERS set to 2, which means that the warehouse will always have two clusters running to handle the standard workload. The warehouse can also auto-scale up to the maximum number of clusters (which can be set according to the peak workload) when there is a spike in demand, and then scale down when the demand decreases. The warehouse can also auto-resume and auto-suspend, which means that the warehouse will automatically start when a query is submitted and automatically stop after a period of inactivity. The administrator can also give USAGE privileges to the ANALYST role, which means that the users can use the warehouse to execute queries and load data, but not modify or operate the warehouse. Option A is not efficient, as it requires the users to manually start and stop the warehouse, and increase the number of clusters as needed, which can be time-consuming and error-prone. Option C is not efficient, as it creates a standard X-Large warehouse, which is equivalent to four small clusters, which may be more than needed for the standard workload, and may not be enough for the peak workload. Option D is not efficient, as it creates four virtual warehouses of different sizes, which can be confusing and cumbersome for the users to select the appropriate warehouse based on how many queries are being run, and may also result in wasted resources and costs.


質問 # 61
......

正真正銘で最適なADA-C01オンライン練習試験資料:https://jp.fast2test.com/ADA-C01-premium-file.html


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어