BlackFriday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Databricks Exam Databricks-Certified-Professional-Data-Engineer Topic 2 Question 23 Discussion

Actual exam question for Databricks's Databricks-Certified-Professional-Data-Engineer exam
Question #: 23
Topic #: 2
[All Databricks-Certified-Professional-Data-Engineer Questions]

The data engineer team has been tasked with configured connections to an external database that does not have a supported native connector with Databricks. The external database already has data security configured by group membership. These groups map directly to user group already created in Databricks that represent various teams within the company.

A new login credential has been created for each group in the external database. The Databricks Utilities Secrets module will be used to make these credentials available to Databricks users.

Assuming that all the credentials are configured correctly on the external database and group membership is properly configured on Databricks, which statement describes how teams can be granted the minimum necessary access to using these credentials?

Show Suggested Answer Hide Answer
Suggested Answer: C

In Databricks, using the Secrets module allows for secure management of sensitive information such as database credentials. Granting 'Read' permissions on a secret key that maps to database credentials for a specific team ensures that only members of that team can access these credentials. This approach aligns with the principle of least privilege, granting users the minimum level of access required to perform their jobs, thus enhancing security.


Databricks Documentation on Secret Management: Secrets

by Quiana at Sep 17, 2024, 01:32 PM

Limited Time Offer

25%

Off

Get Premium Databricks-Certified-Professional-Data-Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Belen
17 days ago
Option A is too narrow. You'd have to create a separate secret key for each team, which could get messy. C covers it nicely.
upvoted 0 times
...
Jesusa
18 days ago
Haha, option D is hilarious! 'Manage' permission? That's overkill. C is the way to go, keep it simple and secure.
upvoted 0 times
...
Staci
21 days ago
Option B seems too broad. Giving all users admin access to the secrets would be a security risk. I'd go with option C.
upvoted 0 times
...
Lai
23 days ago
I think option C is the correct answer. Setting 'Read' permissions on a secret scope containing only the relevant credentials ensures that each team has the minimum necessary access.
upvoted 0 times
Bettina
7 days ago
Yeah, setting 'Read' permissions on a secret scope makes sense.
upvoted 0 times
...
Cordell
9 days ago
I agree, option C seems like the best choice.
upvoted 0 times
...
...
Ruby
25 days ago
Option A is too narrow. You'd have to create a separate secret key for each team, which could get messy. C covers it nicely.
upvoted 0 times
Stephaine
3 days ago
It definitely simplifies the process and keeps everything more manageable.
upvoted 0 times
...
Brice
11 days ago
Yeah, setting 'Read' permissions on a secret scope for each team is more organized than creating separate secret keys.
upvoted 0 times
...
Julian
18 days ago
I agree, option C seems like the best approach to grant access to the teams.
upvoted 0 times
...
...
Lang
1 months ago
I'm not sure, but I think option D could also work. Giving 'Manage' permission on a secret scope might provide more control over the credentials.
upvoted 0 times
...
Tori
1 months ago
Haha, option D is hilarious! 'Manage' permission? That's overkill. C is the way to go, keep it simple and secure.
upvoted 0 times
Rodrigo
9 days ago
Keeping it simple with option C is the best way to ensure security and access control.
upvoted 0 times
...
Chantell
13 days ago
Exactly, it's important to only give teams access to what they need, no need for 'Manage' permissions.
upvoted 0 times
...
Cassi
23 days ago
Yeah, setting 'Read' permissions on a secret scope makes more sense for granting access to the credentials.
upvoted 0 times
...
Honey
25 days ago
I agree, option D does seem like overkill. C is definitely the simpler and more secure choice.
upvoted 0 times
...
...
Malcolm
2 months ago
Option B seems too broad. Giving all users admin access to the secrets would be a security risk. I'd go with option C.
upvoted 0 times
...
Glory
2 months ago
I think option C is the correct answer. Setting 'Read' permissions on a secret scope containing only the relevant credentials ensures that each team has the minimum necessary access.
upvoted 0 times
Chu
27 days ago
I'm not sure, but option A doesn't seem right. 'Read' permissions on a secret key might not be enough to control access for each team.
upvoted 0 times
...
Lelia
1 months ago
I think option D could also work, as long as the teams have 'Manage' permissions on the secret scope containing their credentials.
upvoted 0 times
...
Darci
1 months ago
I agree, option C seems like the best choice. It ensures that each team only has access to the credentials they need.
upvoted 0 times
...
...
Keena
2 months ago
I agree with Luann. Option C ensures that only the necessary credentials are accessible to the team without granting unnecessary permissions.
upvoted 0 times
...
Luann
2 months ago
I think option C is the correct answer. Setting 'Read' permissions on a secret scope containing only those credentials makes sense.
upvoted 0 times
...

Save Cancel