You need to get data from the Microsoft SQL Server tables.
What should you use to configure the connection?
You need to get data from the Microsoft SQL Server tables.
What should you use to configure the connection?
To configure the connection to get data from the Microsoft SQL Server tables, you should use DirectQuery that utilizes a database credential. DirectQuery enables real-time queries directly to the data source, which is essential when immediate data reflections are necessary, such as maintaining a maximum latency of five minutes. By using a database credential, it provides a structured and secure way of managing access, while ensuring that proper security and performance measures are upheld, avoiding the complexity and potential security risks associated with using end-user credentials.
I think it should be: C. DirectQuery that uses a database credential If you used the credentials of the user (D) then all users would need to be created in the database.
If the end users in AD have been given access the database, then it won't be necessary to create them again in direct query i think. "After you publish an Azure SQL DirectQuery dataset to the service, you can enable single sign-on (SSO) using Azure Active Directory (Azure AD) OAuth2 for your end users."
When the SSO option is enabled and your users access reports built atop the data source, Power BI sends their authenticated Azure AD credentials in the queries to the Azure SQL database or data warehouse. This option enables Power BI to respect the security settings that are configured at the data source level.
So answer is D
So answer is D
When the SSO option is enabled and your users access reports built atop the data source, Power BI sends their authenticated Azure AD credentials in the queries to the Azure SQL database or data warehouse. This option enables Power BI to respect the security settings that are configured at the data source level.
So answer is D
So answer is D
The requirements are: - Litware plans to leverage data from an Azure SQL database (not an on-premise SQL Server) - Litware uses Azure Active Directory (Azure AD) to authenticate users (not through gateway) - The maximum allowed latency to include transactions in reports is five minutes (not import and schedule refresh) So the answer is D. DirectQuery that uses the end-user's credentials We will also give the AD group that represents the whole company the read access to the database so all users can run direct queries on the database.
Sorry I was wrong. After I reviewed my own responses, I think the answer is C. DirectQuery that uses a database credential A gateway should be implemented with DirectQuery and users should not be given read access to the database directly. This is to ensure that RSL in PowerBI is warranted. If users are given direct read access to the database, they can easily bypass the RSL in PowerBI.
Now, you get the point. You cannot grant users direct access to database. It is an abomination in database security. A user could delete the entire database mistakenly or intentionally. :)
No you dont, its an azure sql database, unless it explicitly say managed instance you dont need a gateway
Now, you get the point. You cannot grant users direct access to database. It is an abomination in database security. A user could delete the entire database mistakenly or intentionally. :)
No you dont, its an azure sql database, unless it explicitly say managed instance you dont need a gateway
I passed the exam today (948/1000). My answer was: - DirectQuery that uses a database credential
C should be correct. Link: https://learn.microsoft.com/en-us/power-bi/connect-data/desktop-directquery-about Quote: "Alternate credentials aren't supported when making DirectQuery connections to SQL Server from Power BI Desktop. You can use your current Windows credentials or database credentials."
It's a little confusing. It says in the infos that there is an Azure SQL database (cloud) and Azure AD is used to authenticate users. But in the question it says Microsoft SQL Server, which is on-premises ... strange. If it's a writing error and Azure SQL database is meant in the question as well, I would go for answer D. When you follow the link in the explanation of the solution provided, there is stated that you can enable SSO, so that end users use their own OAuth2 credentials. Anyway, if Microsoft SQL Server is meant actually, you can also enable AD SSO via Kerberos, but I'm not sure if this is the best solution.
Answer should be C
Should be C. Read Mizaan's comments
why direct query and not import?
See this last requirement: "The maximum allowed latency to include transactions in reports is five minutes."
I think C because of "The sales managers must be able to see only the sales data of their respective region." and the 5 minute latency. Doing an import every 5 minutes seems impractical. Using Direct Query will honor the security in place on the database.
D DirectQuery lets a report viewer's credentials pass through to the underlying source, which applies security rules. DirectQuery supports single sign-on (SSO) to Azure SQL data sources, and through a data gateway to on-premises SQL servers. For more information, see Overview of single sign-on (SSO) for gateways in Power BI. https://learn.microsoft.com/en-us/power-bi/connect-data/desktop-directquery-about
I second AzureJobsTillRetire comment
The definite answer is C. DirectQuery that uses a database credential
It is definitely weird, to say they use Azure SQL, and then say its Microsoft SQL Server, which certainly sounds like an onpremis (or a VM, which they dont mention). So I would have to go with D if its Azure, C if its On Premise
In my opinion it should be C. If this would be D, all end users would need to have access to the database which I believe is not good approach.
I would say C because we have to configure gateway that uses database credential right ?
I think I am wring DirectQuery lets a report viewer's credentials pass through to the underlying source, which applies security rules. DirectQuery supports single sign-on (SSO) to Azure SQL data sources, and through a data gateway to on-premises SQL servers. For more information, see Overview of single sign-on (SSO) for gateways in Power BI. https://learn.microsoft.com/en-us/power-bi/connect-data/desktop-directquery-about
Answer is C
I think C
No confusion, no need to discuss further
apocalyptic levels of confusion :D
apocalyptic levels of confusion :D
As given in the description, you can enable single sign-on (SSO) using Azure Active Directory (Azure AD) OAuth2 for your end users. Azure AD authentication is a mechanism to connect to your SQL resource by using identities in Azure AD. With Azure AD authentication, you can centrally manage the identities of database users and other Microsoft services in one central location. Central ID management provides a single place to manage database users and simplifies permission management.
"maximum allowed latency..... is five minutes" requires tee DirectQuery storage mode in our data model so Options C or D. It's assumed no all end-users (in fact it's expected not too many of them, if any) would have access to database, therefore connection must be set using database credentials
Question says we have to get data from Microsoft SQL Server and not from Azure SQL. Shouldn't it be database credentials and import mode then ?
See this last requirement: "The maximum allowed latency to include transactions in reports is five minutes." So it must be DirectQuery.
Above reply. Also typically you wouldn't want to import production databases. They'll cripple your performance
Answer is C
The maximum allowed latency to include transactions in reports is five minutes. Question You need to get data from the Microsoft SQL Server tables. What should you use to configure the connection? A. Import that uses a Microsoft account B. Import that uses a database credential C. DirectQuery that uses a database credential D. DirectQuery that uses the end-user's credentials
Sorry Option C. DirectQuery that uses a database credential, is the best choice to configure the connection as the maximum allowed latency is five minutes, which is a relatively short time frame. DirectQuery mode in Power BI allows queries to be sent directly to the data source, without importing the data into Power BI. This way, the report data stays up-to-date with the source data, and the maximum latency of five minutes can be easily achieved. Using a database credential to connect to the SQL Server tables ensures secure access to the database. This also helps to meet the authentication requirements for Azure AD. Option D, DirectQuery that uses the end-user's credentials, is not recommended as it can create security vulnerabilities, and it may not meet the requirements for Azure AD authentication.
db credentials (sql server groups) make use of AD groups, never individual users; Maybe if your company has some 10 resources but in big businesses (like at least 1.000 resources) it would be a nightmare to manage. A case where you might want to use DB credentials is when you use impersonation on sql server side (aka : technical user ID)
Selected Answer: D DirectQuery provides real-time data access, and using the end-user's credentials ensures that each user sees data they are permitted to see according to their permissions in Azure Active Directory. This aligns with the security requirements of allowing sales managers to see only their respective region's data and other role-specific data views.
why not C: Using a shared database credential does not enforce row-level security (RLS) at the database level, meaning all users would see the same data, which violates the requirement for sales managers to see only their respective regions.
The correct answer is: D. DirectQuery that uses the end-user's credentials. Here’s the reasoning: Low-Latency Requirement: Since the maximum allowed latency for the reports is five minutes, you need to ensure near real-time access to the data. This is best achieved with DirectQuery, as it queries the database live rather than relying on cached or imported data. Azure SQL Database with Azure AD Authentication: The company uses Azure Active Directory (Azure AD) for authentication. Using the end-user's credentials ensures that row-level security (RLS) can be enforced at the database level, restricting data access to only what the authenticated user is permitted to see. Alignment with Reporting Requirements: The reporting requirements involve personalized data visibility, such as sales managers seeing only their region’s data. Using the end-user’s credentials ensures these data security needs are met.