Question 22
DP-750 voucher + Udemy course (lifetime access) = ₹3,500 for Indian ID card holders.
Details →Your team stores a JDBC password for an external SQL Server in an existing Azure Key Vault. A notebook running on an Azure Databricks cluster must read this password at run time without ever hard-coding it. Corporate policy requires that the credential continue to be managed and rotated in Azure Key Vault, not duplicated inside Databricks. You decide to create an Azure Key Vault-backed secret scope and reference it from the notebook. Which sequence correctly retrieves the password? ```python # Candidate notebook code password = dbutils.secrets.get(scope="kv-sqlserver", key="jdbc-password") ```
- ACreate an **Azure Key Vault-backed** secret scope (supplying the vault's DNS name and resource ID) at `https://<workspace-url>/#secrets/createScope`, then read the value with `dbutils.secrets.get(scope="kv-sqlserver", key="jdbc-password")`.
- BCreate a Databricks-backed scope and run `databricks secrets put-secret kv-sqlserver jdbc-password`, copying the password out of Key Vault into Databricks so it is stored in both places.
- CMount the Key Vault as a DBFS path and read the secret with `spark.read.text("/mnt/keyvault/jdbc-password")`.
- DSet the password as a cluster environment variable in plain text and read it with `os.environ["JDBC_PASSWORD"]`.