Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.

Exam SnowPro Advanced Architect topic 1 question 99 discussion

Actual exam question from Snowflake's SnowPro Advanced Architect
Question #: 99
Topic #: 1
[All SnowPro Advanced Architect Questions]

How can the Snowflake context functions be used to help determine whether a user is authorized to see data that has column-level security enforced? (Choose two.)

  • A. Set masking policy conditions using CURRENT_ROLE targeting the role in use for the current session.
  • B. Set masking policy conditions using IS_ROLE_IN_SESSION targeting the role in use for the current account.
  • C. Set masking policy conditions using INVOKER_ROLE targeting the executing role in a SQL statement.
  • D. Determine if there are OWNERSHIP privileges on the masking policy that would allow the use of any function.
  • E. Assign the ACCOUNTADMIN role to the user who is executing the object.
Show Suggested Answer Hide Answer
Suggested Answer: AC 🗳️

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
MSIDDIQUI18
4 days, 11 hours ago
The following examples show how to use the INVOKER_ROLE in a masking policy SQL expression. Return NULL for unauthorized users: CREATE OR REPLACE MASKING POLICY mask_string AS (val string) RETURNS string -> CASE WHEN INVOKER_ROLE() IN ('ANALYST') THEN val ELSE NULL END;
upvoted 1 times
...
MSIDDIQUI18
4 days, 12 hours ago
A: The CURRENT_ROLE() context function returns the role currently active for the session. Masking policies can be configured to apply based on the current role, allowing different views of data based on the user's role. C: The INVOKER_ROLE() context function returns the role that invoked the function or SQL statement. This allows masking policies to dynamically apply based on the role executing the query, ensuring data security based on the user's permissions.
upvoted 1 times
...
67422cb
1 month, 2 weeks ago
Which you then use to determine whether the column is visible in a data masking arrangement. Why can't B be used?
upvoted 1 times
...
Atomic_Gecko
4 months, 1 week ago
Changing to A & C. Although C isn't recommended, it is the more accurate description. For B the documentation states: Verifies whether the account role is in the user’s active primary or secondary role hierarchy for the session or if the specified column contains a role that is in the user’s active primary or secondary role hierarchy for the session.
upvoted 1 times
...
Atomic_Gecko
4 months, 1 week ago
A & B are correct answers
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
ex Want to SAVE BIG on Certification Exam Prep?
close
ex Unlock All Exams with ExamTopics Pro 75% Off
  • arrow Choose From 1000+ Exams
  • arrow Access to 10 Exams per Month
  • arrow PDF Format Available
  • arrow Inline Discussions
  • arrow No Captcha/Robot Checks
Limited Time Offer
Ends in