1. An architect is designing a Snowflake Marketplace listing for a commercial data product. The provider wants to ensure that consumers can only access aggregated results and cannot query individual-level rows. Which combination of Snowflake security features can enforce this restriction directly on the shared objects? (Select TWO)
- A. Row access policies attached to the shared table that return FALSE for all rows when the consumer queries below a minimum group size
- B. Aggregate policies (minimum aggregation constraint) applied to the shared table✓ Correct
- C. Dynamic data masking policies on PII columns to replace sensitive values with NULL
- D. A secure view that wraps the base table and contains only GROUP BY aggregation queries✓ Correct
- E. Column-level security using tag-based masking policies scoped to the Marketplace listing role
- F. Network policies restricting consumer IP ranges from running non-aggregated queries
Explanation
Aggregate policies (B) are a Snowflake governance feature specifically designed to enforce minimum aggregation thresholds—preventing consumers from querying data at the individual row level. A secure view containing only GROUP BY aggregations (D) structurally prevents row-level access since the view definition forces aggregation, and the SECURE keyword hides the view definition from consumers. Row access policies (A) can block specific rows but cannot prevent a consumer from scanning all rows that pass the filter, so they do not reliably enforce aggregation minimums. Dynamic data masking (C) obfuscates column values but does not prevent row-level enumeration. Tag-based masking (E) has the same limitation as masking policies. Network policies (F) restrict network access by IP, not by query type, and cannot differentiate aggregated from non-aggregated queries.