You have the Power BI model shown in the following exhibit. There are four departments in the Departments table. You need to ensure that users can see the data of their respective department only. What should you do?
A.
Create a slicer that filters Departments based on DepartmentID.
B.
Create a row-level security (RLS) role for each department, and then define the membership of the role.
C.
Create a DepartmentID parameter to filter the Departments table.
D.
To the ConfidentialData table, add a calculated measure that uses the CURRENTGROUP DAX function.
The clue is "There are four departments ..."
see https://learn.microsoft.com/en-us/power-bi/guidance/rls-guidance
It says there:
Avoid using RLS, whenever it makes sense to do so. If you have only a small number of simplistic RLS rules that apply static filters, consider publishing multiple datasets instead [...] to different workspaces [...] and use query parameters to filter source data.
Agree with fred92, we need to read between the lines, that's why the questions says -there are 4 departments! from documentation "Sometimes it makes sense to avoid using RLS. If you have only a few simplistic RLS rules that apply static filters, consider publishing multiple datasets instead. For example, a company that has just two sales regions decides to publish a dataset for each sales region to different workspaces. The datasets don't enforce RLS. They do, however, use query parameters to filter source data. This way, the same model is published to each workspace—they just have different dataset parameter values. advantages- improved query performance and smaller models. So C is correct.
Parameter only makes the report viewing dynamic and not secure (A user can just type a department name he doesn't belong to and view the report). RLS secures access to only those with clearance.
B is the correct answer.
To ensure that users can see the data of their respective department only, we should implement low-level security (RLS). Here is how it works:
- Create a separate RLS role for each department.
- Define the membership of each role by specifying which DepartmentID(s) each role can access.
- Assign users to the appropriate RLS role based on their department affiliation.
This way, each user will only be able to see data related to their respective department, as per the RLS rules you define.
This section is not available anymore. Please use the main Exam Page.PL-300 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
lukelin08
Highly Voted 2 years, 6 months agofred92
Highly Voted 2 years, 6 months agokillaboy
2 years, 2 months agofred92
2 years, 6 months agosrikanth923
2 years, 1 month agoprikha16
2 years agoApacheKafka
1 year, 8 months agojaume
Most Recent 5 months, 1 week agorcaliandro
8 months, 2 weeks agoDani_eL
1 year, 2 months ago7e8101a
1 year, 3 months agobenni_ale
1 year, 3 months agoMayurV19
1 year, 4 months agoDsbuff
1 year, 4 months agoIgetmyrole
1 year, 7 months agotke44
1 year, 11 months agoRazaTheLegend
2 years agosrikanth923
2 years, 1 month agosvg10gh
2 years, 3 months agoDr_Do
2 years, 4 months agoHoeishetmogelijk
2 years, 5 months ago