Databricks Certified Data Engineer Professional Exam - Topic 4 Question 47 Discussion

Actual exam question for Databricks's Databricks Certified Data Engineer Professional exam

Question #: 47
Topic #: 4

[All Databricks Certified Data Engineer Professional Questions]

The data engineer team has been tasked with configured connections to an external database that does not have a supported native connector with Databricks. The external database already has data security configured by group membership. These groups map directly to user group already created in Databricks that represent various teams within the company.

A new login credential has been created for each group in the external database. The Databricks Utilities Secrets module will be used to make these credentials available to Databricks users.

Assuming that all the credentials are configured correctly on the external database and group membership is properly configured on Databricks, which statement describes how teams can be granted the minimum necessary access to using these credentials?

A''Read'' permissions should be set on a secret key mapped to those credentials that will be used by a given team.

BNo additional configuration is necessary as long as all users are configured as administrators in the workspace where secrets have been added.

C''Read'' permissions should be set on a secret scope containing only those credentials that will be used by a given team.

D''Manage'' permission should be set on a secret scope containing only those credentials that will be used by a given team.

Show Suggested Answer

Suggested Answer: C

In Databricks, using the Secrets module allows for secure management of sensitive information such as database credentials. Granting 'Read' permissions on a secret key that maps to database credentials for a specific team ensures that only members of that team can access these credentials. This approach aligns with the principle of least privilege, granting users the minimum level of access required to perform their jobs, thus enhancing security.

Databricks Documentation on Secret Management: Secrets

by Mary at Apr 08, 2026, 06:48 PM

Limited Time Offer

25%

Off

Get Premium Databricks Certified Data Engineer Professional Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Vicki

19 hours ago

I think we practiced a question similar to this where we had to decide between read and manage permissions. I feel like "read" is safer for just accessing credentials.

upvoted 0 times

...

Ardella

6 days ago

I remember we discussed the importance of setting the right permissions for secrets, but I'm not sure if it's better to use a secret key or a secret scope for this scenario.

upvoted 0 times

...