Exam SnowPro Core Recertification topic 1 question 2 discussion

When a user-level network policy is assigned, Snowflake does not immediately log the user out but enforces the policy on subsequent actions. If the user's IP address does not match the policy rules, Snowflake will block any further queries or operations from that session.

Answer C. https://docs.snowflake.com/en/user-guide/network-policies In addition, when a user-level network policy is associated with the user and the user is already logged into Snowflake, if the user’s network location does not match the user-level network policy rules, Snowflake prevents the user from executing further queries.

The reason C. Prevent the user from executing additional queries is not the correct answer is because Snowflake's network policies are designed to enforce security by immediately terminating sessions that do not comply with the policy rules. When a user's IP address does not match the user-level network policy, Snowflake logs the user out to prevent any potential security risks12. Preventing the user from executing additional queries while allowing them to remain logged in could still pose a security threat, as the user would still have an active session. Logging the user out ensures that any unauthorized access is immediately cut off.

In addition, when a user-level network policy is associated with the user and the user is already logged into Snowflake, if the user’s network location does not match the user-level network policy rules, Snowflake prevents the user from executing further queries.

Given Answer is right