Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Databricks Discussions
exam questions

Exam Certified Data Engineer Professional All Questions

View all questions & answers for the Certified Data Engineer Professional exam
Go to Exam

Exam Certified Data Engineer Professional topic 1 question 100 discussion

Actual exam question from Databricks's Certified Data Engineer Professional
Question #: 100
Topic #: 1
[All Certified Data Engineer Professional Questions]

The data engineering team has been tasked with configuring connections to an external database that does not have a supported native connector with Databricks. The external database already has data security configured by group membership. These groups map directly to user groups already created in Databricks that represent various teams within the company.

A new login credential has been created for each group in the external database. The Databricks Utilities Secrets module will be used to make these credentials available to Databricks users.

Assuming that all the credentials are configured correctly on the external database and group membership is properly configured on Databricks, which statement describes how teams can be granted the minimum necessary access to using these credentials?

  • A. "Manage" permissions should be set on a secret key mapped to those credentials that will be used by a given team.
  • B. "Read" permissions should be set on a secret key mapped to those credentials that will be used by a given team.
  • C. "Read" permissions should be set on a secret scope containing only those credentials that will be used by a given team.
  • D. "Manage" permissions should be set on a secret scope containing only those credentials that will be used by a given team.
    No additional configuration is necessary as long as all users are configured as administrators in the workspace where secrets have been added.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Enduresoul at Nov. 26, 2023, 7:03 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
vctrhugo
9 months, 3 weeks ago
Selected Answer: C
In Databricks, secret scopes are used to manage and organize secrets. By setting "Read" permissions on a secret scope containing the credentials, you allow the team to access the necessary credentials without granting unnecessary privileges. This approach ensures that the teams have the minimum necessary access to the credentials required for connecting to the external database. "Manage" permissions would provide more access than needed for just using the credentials. Option A and D suggest setting permissions on individual secret keys, which might work, but using a secret scope for organizational purposes is a cleaner and more scalable solution.
upvoted 3 times
...
Somesh512
10 months ago
Selected Answer: C
Access is at scope level and not key level
upvoted 2 times
...
petrv
12 months ago
Selected Answer: C
In summary, while technically feasible, setting "Read" permissions on a secret key might not be the most efficient or scalable solution when dealing with multiple teams and their corresponding credentials. Using secret scopes provides a more organized and maintainable approach for managing secrets in Databricks.
upvoted 1 times
...
Enduresoul
1 year ago
Selected Answer: C
Answer C is correct: https://docs.databricks.com/en/security/auth-authz/access-control/secret-acl.html#secret-access-control "Access control for secrets is managed at the secret scope level"
upvoted 3 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel