SnowPro Advanced: Architect · 15% of the exam

Collaboration, Marketplace, and Cost Optimization: free practice questions

5 sample questions from our 38-question bank for this domain — answers and explanations included. These are the same scenario-based style as the real Snowflake exam.

1. An architect is designing a Snowflake Marketplace listing for a commercial data product. The provider wants to ensure that consumers can only access aggregated results and cannot query individual-level rows. Which combination of Snowflake security features can enforce this restriction directly on the shared objects? (Select TWO)

  • A. Row access policies attached to the shared table that return FALSE for all rows when the consumer queries below a minimum group size
  • B. Aggregate policies (minimum aggregation constraint) applied to the shared table✓ Correct
  • C. Dynamic data masking policies on PII columns to replace sensitive values with NULL
  • D. A secure view that wraps the base table and contains only GROUP BY aggregation queries✓ Correct
  • E. Column-level security using tag-based masking policies scoped to the Marketplace listing role
  • F. Network policies restricting consumer IP ranges from running non-aggregated queries
Explanation

Aggregate policies (B) are a Snowflake governance feature specifically designed to enforce minimum aggregation thresholds—preventing consumers from querying data at the individual row level. A secure view containing only GROUP BY aggregations (D) structurally prevents row-level access since the view definition forces aggregation, and the SECURE keyword hides the view definition from consumers. Row access policies (A) can block specific rows but cannot prevent a consumer from scanning all rows that pass the filter, so they do not reliably enforce aggregation minimums. Dynamic data masking (C) obfuscates column values but does not prevent row-level enumeration. Tag-based masking (E) has the same limitation as masking policies. Network policies (F) restrict network access by IP, not by query type, and cannot differentiate aggregated from non-aggregated queries.

2. A company wants to publish a dataset on the Snowflake Marketplace but requires that consumers can only query pre-approved columns and must never access raw PII fields. The data provider wants to enforce this restriction centrally without relying on consumers to configure their own access controls. Which Snowflake feature BEST satisfies this requirement?

  • A. Publish the listing using a secure view that exposes only approved columns, and reference that secure view as the listing object✓ Correct
  • B. Use a standard (non-secure) view and rely on Marketplace Terms of Service to prevent consumers from accessing PII
  • C. Share the underlying base tables directly and instruct consumers to create column-level masking policies on their side
  • D. Enable cross-cloud auto-fulfillment and configure network policies on the provider account to restrict column access
Explanation

Correct: Secure views prevent consumers from inspecting the view definition and restrict access to only the columns the provider exposes; since the shared object is the secure view, consumers can never access the underlying PII columns. This is the standard Snowflake pattern for governed data sharing. — Distractor B is wrong because Terms of Service is a legal control, not a technical enforcement mechanism; a standard view also exposes its definition to consumers. — Distractor C is wrong because sharing base tables gives consumers access to all columns; expecting consumers to apply masking policies is not a provider-enforced control. — Distractor D is wrong because cross-cloud auto-fulfillment and network policies operate at the network/account level, not at the column level, and cannot hide specific columns from consumers.

3. A startup publishes its first Snowflake Marketplace listing as a free data product. Three months later, the team wants to convert it to a paid listing and add a new data table to the share. Which sequence of actions is CORRECT?

  • A. Edit the existing listing in the Snowflake Marketplace provider interface to change the pricing model from free to paid, then use ALTER SHARE to add the new table to the underlying share object; existing consumers must re-request access under the new pricing terms.✓ Correct
  • B. Delete the existing listing and create a new paid listing with the additional table included; existing consumers are automatically migrated to the new listing with their access preserved.
  • C. Duplicate the share object using CREATE SHARE … CLONE, add the new table to the cloned share, and publish a new listing backed by the cloned share; the original free listing remains active in parallel.
  • D. Contact Snowflake Support to convert the listing pricing model, because listing monetization changes cannot be made self-service through the provider interface.
Explanation

Correct (A): Snowflake Marketplace listings can be edited by the provider, including changing the pricing model (free to paid) and updating the underlying share. The provider updates the listing's pricing configuration in the Provider Studio interface. The underlying share is modified with ALTER SHARE to include the new table. Existing consumers who had free access must go through the new request/approval flow under the paid model—access is not automatically grandfathered. Wrong (B): Deleting and recreating a listing is unnecessary and disruptive; it breaks existing consumer integrations, does not migrate consumers automatically, and wastes the listing's review/approval history. Snowflake does not automatically migrate consumers between separate listings. Wrong (C): CREATE SHARE … CLONE is not a valid Snowflake command—shares cannot be cloned using this syntax. Running two listings (free and paid) for the same product in parallel also creates consumer confusion and governance complexity. Wrong (D): Pricing model changes and listing updates are fully self-service through the Provider Studio in Snowsight. Snowflake Support involvement is not required for routine listing modifications.

4. A healthcare company wants to build a Data Clean Room with a pharmaceutical partner to analyze prescription trends without either party exposing patient-level records to the other. The architect proposes using the Snowflake Native App Framework. Which TWO statements MOST accurately describe how the Native App Framework enables privacy preservation in this scenario? (Select TWO)

  • A. The Native App can encapsulate analysis logic inside stored procedures and UDFs that operate on the provider's data without granting the consumer SELECT privileges on the underlying tables.✓ Correct
  • B. The Native App Framework uses differential privacy noise injection by default on all query results, ensuring mathematical privacy guarantees without any additional configuration.
  • C. A Native App installed in the consumer's account executes computation in the consumer's environment, but the provider controls what code runs and what data is exposed through the app's defined interface.✓ Correct
  • D. Native Apps automatically enforce HIPAA compliance through built-in PHI detection and data masking, removing the need for manual data governance configurations.
  • E. The provider can version-control and update the Native App logic without requiring the consumer to re-install the application, enabling governance policies to evolve over time.
Explanation

Correct (A): By wrapping analysis logic in stored procedures and UDFs within the Native App, the provider can expose only aggregated or derived outputs. The consumer invokes the app's interface but is never granted direct SELECT on the underlying tables—the code acts as a privacy-preserving computation layer. Correct (C): The Native App is installed and runs inside the consumer's Snowflake account, meaning the consumer's compute is used and their data can be joined with provider data. However, the provider fully controls the app code, defining exactly what queries execute and what results surface—this separation of control is the core privacy mechanism. Wrong (B): Differential privacy noise injection is NOT a default or automatic feature of the Native App Framework. It can be manually implemented in custom logic, but it requires explicit coding; it is not built in. Wrong (D): Native Apps do not include automatic HIPAA compliance, PHI detection, or built-in data masking. HIPAA compliance is a contractual and architectural responsibility; Snowflake provides tools (masking policies, etc.) but not automated PHI classification. Wrong (E): Native App versioning allows providers to publish new versions, but consumers must upgrade (or auto-upgrade can be configured); the statement that consumers never need to re-install is not accurate for all update scenarios and is not the primary privacy-preservation mechanism.

5. A company's Snowflake environment has grown to 22 warehouses ranging from X-SMALL to X-LARGE. A cost review shows that many warehouses are idle more than 70% of the time. The architect proposes consolidating workloads to reduce idle credit waste. Which TWO warehouse features should the architect configure on the consolidated warehouses to minimize idle credit consumption while maintaining query performance? (Select TWO)

  • A. Set AUTO_SUSPEND to a low value (e.g., 60 seconds) to quickly suspend idle warehouses✓ Correct
  • B. Set AUTO_SUSPEND to a high value (e.g., 30 minutes) to avoid cold-start latency for sporadic queries
  • C. Enable AUTO_RESUME so warehouses automatically start when a query is submitted✓ Correct
  • D. Set the warehouse size to X-LARGE by default to ensure all consolidated workloads fit without queuing
  • E. Disable the query result cache to force warehouse reuse for repeated queries
Explanation

Correct A: A low AUTO_SUSPEND value (e.g., 60 seconds) ensures warehouses suspend quickly when idle, directly reducing idle credit consumption — the primary waste identified. Correct C: AUTO_RESUME ensures the warehouse starts automatically when a query arrives, so users experience minimal friction even though the warehouse is frequently suspended. Together, these two settings maximize the suspend/resume cycle efficiency. — Distractor B is wrong because a high AUTO_SUSPEND value (30 minutes) keeps warehouses running during idle periods, which is the exact behavior causing the credit waste. — Distractor D is wrong because defaulting all workloads to X-LARGE wastes credits if the workloads don't require that scale; right-sizing should accompany consolidation. — Distractor E is wrong because the query result cache is free (no warehouse credits consumed) and disabling it would increase warehouse utilization and cost, not decrease it.

33 more questions in this domain

Practice the full bank with instant grading, flashcards, and a timed mock exam.

Start practicing free