For a semantic model that must enforce security and reflect current-year data, which authentication method and mode should be used?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $25.99Unlock all

Prepare for the Fabric Analytics Engineer Associate Test with comprehensive materials. Explore flashcards, multiple choice questions, and detailed explanations. Get ready for your success!

Multiple Choice

For a semantic model that must enforce security and reflect current-year data, which authentication method and mode should be used?

Explanation:
The key idea is pairing a user-based, live access pattern with the data source itself. Single Sign-On provides a real user identity that your security model can trust, and Direct Lake queries the data directly in the lake at query time. This means each user’s permissions are evaluated on the current data as it exists, so you get up-to-date (current-year) information while enforcing access controls exactly as intended. Other options fall short because they either don’t carry the user identity into the data layer or rely on a static or app-only context. Basic authentication is outdated and lacks proper federated identity support for per-user access control. Service principal authentication uses an application identity rather than a person, so you lose the necessary user context to apply row-level or dynamic security. Import would pull a snapshot into the model, breaking freshness for the current year and reducing security enforcement to the model level rather than the live data source. Therefore, using SSO with Direct Lake gives you secure, per-user access and live, current-year data.

The key idea is pairing a user-based, live access pattern with the data source itself. Single Sign-On provides a real user identity that your security model can trust, and Direct Lake queries the data directly in the lake at query time. This means each user’s permissions are evaluated on the current data as it exists, so you get up-to-date (current-year) information while enforcing access controls exactly as intended.

Other options fall short because they either don’t carry the user identity into the data layer or rely on a static or app-only context. Basic authentication is outdated and lacks proper federated identity support for per-user access control. Service principal authentication uses an application identity rather than a person, so you lose the necessary user context to apply row-level or dynamic security. Import would pull a snapshot into the model, breaking freshness for the current year and reducing security enforcement to the model level rather than the live data source.

Therefore, using SSO with Direct Lake gives you secure, per-user access and live, current-year data.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy