Question 21
DP-750 voucher + Udemy course (lifetime access) = ₹3,500 for Indian ID card holders.
Details →A `transactions` table in Unity Catalog has a `region` column. A regional analyst group `emea_analysts` must see only rows where `region = 'EMEA'`, while members of the `global_admins` group must see all rows. You must enforce this with a **table-level row filter** so the restriction applies automatically to every query against the table, including queries from a SQL warehouse. Which approach correctly implements row-level security? ```sql -- Candidate row filter CREATE FUNCTION region_filter(region STRING) RETURN is_account_group_member('global_admins') OR region = 'EMEA'; ALTER TABLE transactions SET ROW FILTER region_filter ON (region); ```
- ACreate a view `transactions_emea` with `WHERE region = 'EMEA'` and revoke `SELECT` on the base table; row filters cannot reference group membership.
- BCreate a SQL UDF that returns a `BOOLEAN` (rows where it returns `FALSE` are excluded), using `is_account_group_member('global_admins') OR region = 'EMEA'`, then apply it with `ALTER TABLE transactions SET ROW FILTER region_filter ON (region)`.
- CCreate a column mask on `region` that returns `NULL` for non-EMEA rows; setting a value to `NULL` removes the row from results.
- DAdd a `WHERE` clause to the cluster's Spark configuration so every query against `transactions` is rewritten to filter `region = 'EMEA'`.