Examice

Exam SnowPro Core All QuestionsBrowse all questions from this exam

Go to Exam

Question 223

What are best practice recommendations for using the ACCOUNTADMIN system-defined role in Snowflake? (Choose two.)

Ensure all ACCOUNTADMIN roles use Multi-factor Authentication (MFA).

All users granted ACCOUNTADMIN role must be owned by the ACCOUNTADMIN role.

The ACCOUNTADMIN role must be granted to only one user.

Assign the ACCOUNTADMIN role to at least two users, but as few as possible.

All users granted ACCOUNTADMIN role must also be granted SECURITYADMIN role.

Correct Answer: A, D

For best practice recommendations in using the ACCOUNTADMIN system-defined role in Snowflake, it is crucial to ensure that all ACCOUNTADMIN roles use Multi-factor Authentication (MFA) to enhance security. Moreover, assigning the ACCOUNTADMIN role to at least two users but as few as possible helps ensure continuity in administrative capabilities while minimizing exposure to potential misuse. These practices aim to balance security and operational efficiency.

Discussion

Lavpak

Answers are correct - https://docs.snowflake.com/en/user-guide/security-access-control-considerations.html#:~:text=The%20account%20administrator%20%28i.e%20users%20with%20the%20ACCOUNTADMIN,data%2C%20and%20can%20stop%20any%20running%20SQL%20statements.

LavpakOptions: AD

All users assigned the ACCOUNTADMIN role should also be required to use multi-factor authentication (MFA) for login (for details, see Configuring Access Control). Assign this role to at least two users.

MultiCloudIronManOptions: AD

correct

_yyuktaOptions: AD

AD are correct

azlovemovieOptions: AD

Answers are correct.