Exam NAS-C01 Topic 1 Question 54 Discussion

Actual exam question for Snowflake's NAS-C01 exam
Question #: 54
Topic #: 1
You are developing a Snowflake Native App that requires granular access control to its underlying data for consumer accounts. You want to implement a secure pattern that limits direct access to the data while allowing specific operations through your app's procedures. Which of the following approaches represent the MOST secure and recommended practices regarding access control in the setup script, assuming you also want to grant USAGE on future schema?

Suggested Answer: C,E Vote an answer

Granting SELECT directly is insecure (A). Secure views provide some abstraction but still allow direct SELECT (B). Granting OWNERSHIP gives excessive privileges (D). Stored procedures with EXECUTE AS OWNER or 'EXECUTE AS CALLER , combined with limited schema privileges, offer the best control and security. 'EXECUTE AS OWNER' allows the procedure to run with the privileges of the app itself, bypassing consumer privileges, and 'EXECUTE AS CALLER' uses consumer's priviledges, but still contains the data logic. Both combined, gives the best secure and recommended access control.

by Eli at Jun 06, 2026, 11:22 AM

Limited Time Offer

15%

Off

Get Premium NAS-C01 Questions as Interactive Self Test Engine or PDF

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
0
0
0
10