Snowflake ADA-C01 Exam - Topic 6 Question 6 Discussion

Actual exam question for Snowflake's ADA-C01 exam

Question #: 6
Topic #: 6

A user has enrolled in Multi-factor Authentication (MFA) for connecting to Snowflake. The user informs the Snowflake Administrator that they lost their mobile phone the previous evening.

Which step should the Administrator take to allow the user to log in to the system, without revoking their MFA enrollment?

AAlter the user and set MINS TO BYPASS MFA to a value that will disable MFA long enough for the user to log in.

BAlter the user and set DISABLE_MFA to true, which will suspend the MFA requirement for 24 hours.

CInstruct the user to connect to Snowflake using SnowSQL, which does not support MFA authentication.

DInstruct the user to append the normal URL with /?mode=mfa_bypass&code= to log on.

Show Suggested Answer

Suggested Answer: A

The MINS_TO_BYPASS_MFA property allows the account administrator to temporarily disable MFA for a user who has lost their phone or changed their phone number1. The user can log in without MFA for the specified number of minutes, and then re-enroll in MFA using their new phone1. This does not revoke their MFA enrollment, unlike the DISABLE_MFA property, which cancels their enrollment and requires them to re-enroll from scratch1. The other options are not valid ways to bypass MFA, as SnowSQL does support MFA authentication2, and there is no such URL parameter as /?mode=mfa_bypass&code= for Snowflake3

by Deandrea at Jan 28, 2024, 09:25 PM

Limited Time Offer

25%

Off

Get Premium ADA-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Asha

3 months ago

Definitely not A, we shouldn't disable MFA completely.

upvoted 0 times

...

Evan

3 months ago

C is not a solution, SnowSQL doesn't help with MFA!

upvoted 0 times

...

Vicki

3 months ago

Wait, can you really bypass MFA like that? Sounds risky!

upvoted 0 times

...

Andree

4 months ago

I think B is better, 24 hours is a good window.

upvoted 0 times

...

Glen

4 months ago

Option D is the way to go! MFA bypass is the best choice here.

upvoted 0 times

...

Rosalia

4 months ago

I think the correct approach involves appending something to the URL, but I can't remember the exact format we discussed in class.

upvoted 0 times

...

Jess

4 months ago

I feel like using SnowSQL was mentioned in our study materials, but I can't recall if it was a good option for MFA situations.

upvoted 0 times

...

Lonny

4 months ago

I think we practiced a question similar to this where we had to disable MFA temporarily. Was it about setting a value to bypass MFA?

upvoted 0 times

...

Craig

5 months ago

I remember something about bypassing MFA, but I'm not sure if it's through altering user settings or a specific URL.

upvoted 0 times

...

Lottie

5 months ago

I'm a little hesitant about the idea of disabling MFA entirely, even for a short period. Isn't there a way we can just temporarily bypass the MFA requirement without turning it off completely? I want to make sure we're not introducing any unnecessary security risks.

upvoted 0 times

...

Weldon

5 months ago

I'm pretty confident that option B is the way to go. Disabling MFA for a limited time is the most straightforward solution that still maintains the user's security. I'd recommend going with that approach.

upvoted 0 times

...

Louisa

5 months ago

Okay, let's think this through step-by-step. The key is to find a way to bypass the MFA requirement temporarily, without compromising the user's security. I think option B, disabling MFA for 24 hours, might be the best solution here.

upvoted 0 times

...

Celeste

5 months ago

Hmm, I'm a bit unsure about this one. I know we need to find a way to let the user log in without revoking their MFA, but I'm not sure if altering their account settings is the right way to go about it.

upvoted 0 times

...

Melissa

5 months ago

I think the best approach here would be to temporarily disable the MFA requirement for the user, rather than revoking their enrollment entirely. That way, they can still log in without having to go through the full MFA process.

upvoted 0 times

...

Reed

5 months ago

The exhibit has a lot of information, but I'm not entirely sure I'm interpreting it correctly. I'll need to take my time and double-check my understanding before selecting the answers.

upvoted 0 times

...

Arlen

5 months ago

I think option C might be the right choice since it mentions "ProjectProtection," which seems crucial for data security.

upvoted 0 times

...

Joana

5 months ago

Okay, let me break this down. The key seems to be finding a scripting technique that can properly recognize the actions taken by the tester when interacting with the GUI. Data-driven or keyword-driven might be the way to go.

upvoted 0 times

...

Melodie

5 months ago

This is a tricky one. I'll need to think carefully about the differences between the cloud service models to figure out which risk doesn't apply to the public cloud.

upvoted 0 times

...