Answer-first summary for fast verification
Answer: Integrate a third-party identity provider that supports OAuth2 and OpenID Connect, utilizing its capabilities for issuing short-lived access tokens, multi-factor authentication, and token revocation, without the need for maintaining in-house authentication infrastructure.
Option D is the best approach as it leverages a third-party identity provider's robust features for secure authentication, including support for multi-factor authentication, short-lived access tokens, and easy token revocation. This solution is scalable, cost-effective by eliminating the need for in-house authentication infrastructure, and complies with industry-standard security practices. It also simplifies compliance with security requirements by outsourcing identity management to a specialized provider.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
In the context of a Databricks project requiring a custom authentication mechanism for accessing the Databricks REST API, consider the following scenario: Your organization mandates the use of a secure, scalable, and cost-effective solution that supports multi-factor authentication and allows for the revocation of access tokens without impacting other users. Additionally, the solution must comply with industry-standard security practices. Given these requirements, which of the following approaches would BEST meet the organization's needs? (Choose one option.)
A
Utilize Databricks personal access tokens stored in a shared storage with restricted access, enabling quick revocation by deleting the token from the storage.
B
Deploy a custom OAuth2 server within your organization's infrastructure to issue and manage access tokens, integrating with your existing identity provider for user authentication and leveraging OAuth2's token revocation capabilities.
C
Develop a custom script that generates a new Databricks personal access token for each API request, ensuring tokens are short-lived by design but requiring significant overhead for token management.
D
Integrate a third-party identity provider that supports OAuth2 and OpenID Connect, utilizing its capabilities for issuing short-lived access tokens, multi-factor authentication, and token revocation, without the need for maintaining in-house authentication infrastructure.