You have a collection of reports for the HR department of your company. The datasets use row-level security (RLS). The company has multiple sales regions.
Each sales region has an HR manager.
You need to ensure that the HR managers can interact with the data from their region only. The HR managers must be prevented from changing the layout of the reports.
How should you provision access to the reports for the HR managers?
Publishing the reports in an app and granting the HR managers access permission ensures that they can interact with the data from their region only while preventing them from changing the layout of the reports. Apps in Power BI provide a secure and controlled way to share reports and dashboards with end users, allowing for the configuration of permissions and row-level security to limit data access based on roles.
I would say it is correct since an app would prevent to change the layout
Option A (Publish the reports in an app and grant the HR managers access permission) would be the best option to provide the HR managers with access to the reports while restricting them from modifying the layout. By publishing the reports in an app and granting the HR managers access permission, you can assign them specific roles and permissions that restrict their access to the underlying data while allowing them to view and interact with the reports. The RLS configuration can be set up to ensure that the HR managers can only see data from their own sales region.
Always when they say "prevent changing layout" select app.
Was at the exam on February 12th 2024
Exam: 15/10/2023 Score: 948/1000 Answer: A
15/10 is my bday :)
Happy early birthday!
It's annoying because I actually just did this today and got the answer wrong because I didn't think any of them were right/complete. What you do is go to Manage Profiles and create roles where each one is filtered by region. Then upload to the PBI server, assign roles to the respective HR managers, and provide them with viewer permissions so they can't open the reports in desktop mode.
so A is not the correct answer?
Option A (Publish the reports in an app and grant the HR managers access permission) would be the best option to provide the HR managers with access to the reports while restricting them from modifying the layout. By publishing the reports in an app and granting the HR managers access permission, you can assign them specific roles and permissions that restrict their access to the underlying data while allowing them to view and interact with the reports. The RLS configuration can be set up to ensure that the HR managers can only see data from their own sales region.
The correct answer is A since the reports is publish in an app.
correct answer
A is correct
We can rule out B & D because of the below: RLS only restricts data access for users with Viewer permissions. It doesn't apply to Admins, Members, or Contributors. Seem C doesn't grant any access. So answer must be A.
I don't think any of these options present a complete answer. you would manage what data each manager can view by using the manage role option in BI desktop and setting up a rule. this would be dependent upon having a manager dimension that contained details about which region each manager had responsibility for https://learn.microsoft.com/en-us/power-bi/report-server/row-level-security-report-server
although, if I had to choose, it would be A https://learn.microsoft.com/en-us/power-bi/consumer/end-user-apps
A is correct
Nice question
B is the correct answer. This approach is correct because: * Isolation: By creating a new workspace, we can keep the HR manager's reports separate from others, ensuring that they only have access to their own data and reports. * Access Control: We can add the HR managers as members of this specific workspace, granting them access to the datasets and reports they need while maintaining control over who can make changes the layout or content of the reports. * No impact on Existing reports: This approach does not affect the existing workspace that may contain reports for other departments or regions. It allows us to apply RLS and access control specifically for the HR managers without affecting other users.
Member can edit or delete B is not an option here. Correct answer should be A
Anser is A
A is correct.