New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Snowflake ADA-C01 Exam - Topic 1 Question 2 Discussion

Actual exam question for Snowflake's ADA-C01 exam
Question #: 2
Topic #: 1
[All ADA-C01 Questions]

A user with the proper role issues the following commands when setting up and activating network policies:

CREATE OR REPLACE NETWORK POLICY foo_policy

ALLOWED_IP_LIST = ( '1.1.1.0/24', '2.2.2.0/24' , '3.3. 3. 0/24' )

BLOCKED IP LIST = ( '1.1.1.1')

COMMENT = 'Account level policy';

ALTER ACCOUNT SET NETWORK_POLICY=FOO_POLICY;

CREATE OR REPLACE NETWORK POLICY bar_policy

ALLOWED_IP_LIST = ('3.3.3.0/24')

BLOCKED IP LIST = ('3.3.3.10')

COMMENT = 'user level policy';

ALTER USER userl SET NETWORK_POLICY=BAR_POLICY;

Afterwards, user1 attempts to log in to Snowflake from IP address 3.3.3.10.

Will the login be successful?

Show Suggested Answer Hide Answer
Suggested Answer: B

According to the Snowflake documentation1, network policies are a feature that allows restricting access to your account based on user IP address. A network policy can be applied to an account, a user, or a security integration, and can specify a list of allowed IP addresses and a list of blocked IP addresses. If there are network policies applied to more than one of these, the most specific network policy overrides more general network policies. In this case, the user1 has a network policy (bar_policy) applied to them, which overrides the account-level network policy (foo_policy). The bar_policy allows access only from the IP range 3.3.3.0/24, and blocks access from the IP address 3.3.3.10. Therefore, the user1 will not be able to log in to Snowflake from IP address 3.3.3.10, as it is found in the BLOCKED_IP_LIST of bar_policy. Option A is incorrect because the ALLOWED_IP_LIST of bar_policy does not override the BLOCKED_IP_LIST of bar_policy. Option C is incorrect because the ALLOWED_IP_LIST of foo_policy does not apply to user1, as it is overridden by the user-level network policy. Option D is incorrect because the ALLOWED_IP_LIST of foo_policy does not matter, as it is overridden by the user-level network policy.


by Gregoria at Jan 26, 2024, 12:31 PM

Limited Time Offer

25%

Off

Get Premium ADA-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Estrella
3 months ago
Yup, definitely a no-go for that login attempt!
upvoted 0 times
...
Peggie
3 months ago
Just to clarify, foo_policy doesn't allow that IP either.
upvoted 0 times
...
Lura
3 months ago
Wait, so the BLOCKED list overrides the ALLOWED list?
upvoted 0 times
...
Haydee
4 months ago
Totally agree, that login will fail for sure.
upvoted 0 times
...
Tarra
4 months ago
The IP 3.3.3.10 is in the BLOCKED_IP_LIST of bar_policy.
upvoted 0 times
...
Henriette
4 months ago
I thought allowed lists were more important, but now I'm confused about how the policies interact.
upvoted 0 times
...
Daniel
4 months ago
I practiced a similar question, and I feel like the login would fail because of the block in bar_policy.
upvoted 0 times
...
Colette
4 months ago
I'm not entirely sure, but I remember something about how blocked IPs take precedence over allowed ones.
upvoted 0 times
...
Juan
5 months ago
I think the answer is B because 3.3.3.10 is in the BLOCKED_IP_LIST of bar_policy.
upvoted 0 times
...
Judy
5 months ago
Ah yes, the bar_policy takes precedence over the foo_policy since it's applied at the user level. The login from 3.3.3.10 should be blocked.
upvoted 0 times
...
Aliza
5 months ago
I think I've got it! The user1 is trying to log in from an IP address that's blocked in the bar_policy, so the login should be unsuccessful.
upvoted 0 times
...
Yuki
5 months ago
I'm a bit confused here. The question mentions two different policies, but I'm not sure how they're being applied. I'll need to re-read this a few times.
upvoted 0 times
...
Rozella
5 months ago
Okay, let me break this down step-by-step. The key is understanding how the account-level and user-level policies interact.
upvoted 0 times
...
Kattie
5 months ago
Hmm, this looks like a tricky one. I'll need to carefully read through the policy definitions and think through the order of precedence.
upvoted 0 times
...
Valentine
5 months ago
This one seems pretty straightforward. I'd recommend crypto-shredding to securely erase the sensitive customer data.
upvoted 0 times
...
Van
5 months ago
Hm, this is a bit confusing. I'll need to go through the options step-by-step and make sure I understand the conditions and what they're asking for.
upvoted 0 times
...
Raelene
5 months ago
I'm pretty sure the Visualization tab is where I've seen those types of charts before, so I'll go with option D.
upvoted 0 times
...

Save Cancel