ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Data Analytics - Specialty All Questions

View all questions & answers for the AWS Certified Data Analytics - Specialty exam
Go to Exam

Exam AWS Certified Data Analytics - Specialty topic 1 question 141 discussion

Exam question from Amazon's AWS Certified Data Analytics - Specialty
Question #: 141
Topic #: 1
[All AWS Certified Data Analytics - Specialty Questions]

A company uses Amazon Redshift as its data warehouse. A new table includes some columns that contain sensitive data and some columns that contain non- sensitive data. The data in the table eventually will be referenced by several existing queries that run many times each day.
A data analytics specialist must ensure that only members of the company's auditing team can read the columns that contain sensitive data. All other users must have read-only access to the columns that contain non-sensitive data.
Which solution will meet these requirements with the LEAST operational overhead?

  • A. Grant the auditing team permission to read from the table. Load the columns that contain non-sensitive data into a second table. Grant the appropriate users read-only permissions to the second table.
  • B. Grant all users read-only permissions to the columns that contain non-sensitive data. Use the GRANT SELECT command to allow the auditing team to access the columns that contain sensitive data.
  • C. Grant all users read-only permissions to the columns that contain non-sensitive data. Attach an IAM policy to the auditing team with an explicit. Allow action that grants access to the columns that contain sensitive data.
  • D. Grant the auditing team permission to read from the table. Create a view of the table that includes the columns that contain non-sensitive data. Grant the appropriate users read-only permissions to that view.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by chp2022 at April 25, 2022, 4:30 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Teraxs
Highly Voted 3 years, 1 month ago
Selected Answer: B
B - GRANT defines access privileges for a user or user group. https://docs.aws.amazon.com/redshift/latest/dg/r_GRANT.html
upvoted 7 times
...
pk349
Most Recent 2 years, 1 month ago
B: I passed the test
upvoted 3 times
...
MultiCloudIronMan
2 years, 8 months ago
Selected Answer: B
The question also says the least operational over head, that makes B the right answer.
upvoted 4 times
nadavw
2 years, 6 months ago
Views or AWS Lake Formation on Amazon Redshift Spectrum was used previously to manage such scenarios, however this adds extra overhead in creating and maintaining views or Amazon Redshift Spectrum. View based approach is also difficult to scale and can lead to lack of security controls. Amazon Redshift column-level access control is a new feature that supports access control at a column-level for data in Amazon Redshift. You can use column-level GRANT and REVOKE statements to help meet your security and compliance needs similar to managing any database object. https://aws.amazon.com/blogs/big-data/achieve-finer-grained-data-security-with-column-level-access-control-in-amazon-redshift/
upvoted 5 times
...
...
rocky48
2 years, 11 months ago
Selected Answer: B
Answer is B
upvoted 2 times
...
CloudTimes
3 years ago
Selected Answer: B
Answer is B
upvoted 2 times
...
Bik000
3 years ago
Selected Answer: B
Answer should be B
upvoted 2 times
...
certificationJunkie
3 years ago
It's B. https://aws.amazon.com/about-aws/whats-new/2020/03/announcing-column-level-access-control-for-amazon-redshift/
upvoted 1 times
...
facoxa
3 years, 1 month ago
Selected Answer: D
Grant command give access to table or database level, not column level. View are selected projection of a table hence can be and shud be used here
upvoted 3 times
redpirate
3 years ago
Use this command to give specific privileges for a table, database, schema, function, procedure, language, or column, https://docs.aws.amazon.com/redshift/latest/dg/r_GRANT.html. so it is B
upvoted 2 times
...
WonderTan
2 years, 10 months ago
Grant command give access to table or database or column https://docs.aws.amazon.com/redshift/latest/dg/r_GRANT.html
upvoted 1 times
...
Gavin_Y
2 years, 10 months ago
columm level is enabled according to https://aws.amazon.com/cn/about-aws/whats-new/2020/03/announcing-column-level-access-control-for-amazon-redshift/
upvoted 1 times
...
...
jrheen
3 years, 1 month ago
Answer: B
upvoted 1 times
...
chp2022
3 years, 1 month ago
I think it's B
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel