Answer: Iterating through a stored secret and printing each character will display secret contents in plain text., The Databricks REST API can be used to list secrets in plain text if the personal access token has proper credentials.

The question asks about limitations of Databricks Secrets. Here's the analysis: - **Option A**: Incorrect. SHA256 is a one-way hash function; secrets are encrypted, not hashed, and cannot be reversed. - **Option B**: Incorrect. Account administrators cannot view secrets in plain text via the console. Secrets are encrypted, and access requires explicit permissions. - **Option C**: Incorrect. Secrets are not stored in the Hive Metastore; they are managed securely outside of databases. - **Option D**: Correct. Once a secret is retrieved into code (e.g., via `dbutils.secrets.get`), users can programmatically expose it (e.g., iterating and printing characters), bypassing redaction. - **Option E**: Correct. The REST API's `GET /api/2.0/secrets/get` endpoint returns secrets in plain text if the personal access token (PAT) has sufficient permissions. While the option mentions 'list,' the critical limitation is that secrets can be retrieved via the API with proper credentials. Thus, the limitations are **D** (programmatic exposure) and **E** (API retrieval with valid PAT).

Author: LeetQuiz Editorial Team