Snowflake Exam ADA-C01 Topic 1 Question 16 Discussion

Actual exam question for Snowflake's ADA-C01 exam

Question #: 16
Topic #: 1

A user has enrolled in Multi-factor Authentication (MFA) for connecting to Snowflake. The user informs the Snowflake Administrator that they lost their mobile phone the previous evening.

Which step should the Administrator take to allow the user to log in to the system, without revoking their MFA enrollment?

AAlter the user and set MINS TO BYPASS MFA to a value that will disable MFA long enough for the user to log in.

BAlter the user and set DISABLE_MFA to true, which will suspend the MFA requirement for 24 hours.

CInstruct the user to connect to Snowflake using SnowSQL, which does not support MFA authentication.

DInstruct the user to append the normal URL with /?mode=mfa_bypass&code= to log on.

Show Suggested Answer

Suggested Answer: A

The MINS_TO_BYPASS_MFA property allows the account administrator to temporarily disable MFA for a user who has lost their phone or changed their phone number1. The user can log in without MFA for the specified number of minutes, and then re-enroll in MFA using their new phone1. This does not revoke their MFA enrollment, unlike the DISABLE_MFA property, which cancels their enrollment and requires them to re-enroll from scratch1. The other options are not valid ways to bypass MFA, as SnowSQL does support MFA authentication2, and there is no such URL parameter as /?mode=mfa_bypass&code= for Snowflake3

by Elenor at Jun 20, 2024, 06:11 AM

Limited Time Offer

25%

Off

Get Premium ADA-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Roslyn

8 months ago

Lost your phone and need to log in? Sounds like a job for the IT superhero, Option B: Disable MFA for 24 hours. Just don't forget to re-enable it when you're done, or the security goblins might get you!

upvoted 0 times

Latosha

7 months ago

Administrator: Remember to re-enable MFA after logging in.

upvoted 0 times

...

Ressie

7 months ago

User: Thanks! I can log in now.

upvoted 0 times

...

Candida

7 months ago

Administrator: Let's disable MFA for 24 hours.

upvoted 0 times

...

Susy

7 months ago

User: I lost my phone and can't log in.

upvoted 0 times

...

Wilson

8 months ago

Option C? You kidding me? Telling the user to use SnowSQL just because they lost their phone? That's like telling them to use a flip phone from the 90s. Come on, people, let's live in the 21st century here.

upvoted 0 times

...

Tamala

8 months ago

Oof, lost your phone? That's the worst. Option D sounds like a sneaky way to bypass MFA, but I don't know if I'd trust that. Probably best to go with the official route, even if it's a bit inconvenient.

upvoted 0 times

Bettyann

6 months ago

Definitely, better safe than sorry when it comes to MFA.

upvoted 0 times

...

Dalene

6 months ago

I agree, it's better to go with the official route to avoid any security risks.

upvoted 0 times

...

Glen

7 months ago

Yeah, losing your phone is a nightmare. Option D does sound a bit sketchy.

upvoted 0 times

...

Tresa

7 months ago

I think it's safer to go with the official route.

upvoted 0 times

...

Shawnee

7 months ago

I agree, option D does seem a bit sketchy.

upvoted 0 times

...

Christoper

8 months ago

Yeah, losing your phone is a nightmare.

upvoted 0 times

...

Lynna

8 months ago

I agree with Dion, using SnowSQL seems like the most secure way to log in without MFA.

upvoted 0 times

...

Dion

8 months ago

I think instructing the user to use SnowSQL is the safest option to bypass MFA.

upvoted 0 times

...

Dino

8 months ago

I disagree, I believe setting DISABLE_MFA to true for 24 hours is a better option.

upvoted 0 times

...

Demetra

9 months ago

I think the Administrator should alter the user and set MINS TO BYPASS MFA to disable MFA temporarily.

upvoted 0 times

...

Azalee

9 months ago

Disabling MFA completely for 24 hours? That's a bit excessive, isn't it? Option A seems more prudent - just tweak the bypass time to let the user log in for now.

upvoted 0 times

Myong

7 months ago

Setting the MINS TO BYPASS MFA to a suitable value is a more secure approach than disabling MFA altogether.

upvoted 0 times

...

Tuyet

8 months ago

The administrator should definitely go with Option A to ensure security while helping the user access the system.

upvoted 0 times

...

Huey

8 months ago

Agreed, disabling MFA completely for 24 hours is risky. Option A is a safer bet.

upvoted 0 times

...

Miriam

8 months ago

Option A seems like the best choice here. It's a temporary solution to help the user log in.

upvoted 0 times

...

Linn

9 months ago

Option B seems like the easiest way to get the user back in without revoking their MFA enrollment. 24 hours should be enough time to sort out the lost phone issue.

upvoted 0 times

Tamekia

8 months ago

That sounds like a good solution. It gives the user time to sort out the lost phone situation.

upvoted 0 times

...

Emiko

8 months ago

B) Alter the user and set DISABLE_MFA to true, which will suspend the MFA requirement for 24 hours.

upvoted 0 times

...