Answer-first summary for fast verification
Answer: The ACCOUNTADMIN role should be assigned to at least two users., All users assigned the ACCOUNTADMIN role should use Multi-Factor Authentication (MFA).
The question asks for two best practices when assigning the ACCOUNTADMIN role. Option A is correct because assigning the ACCOUNTADMIN role to at least two users ensures redundancy and prevents a single point of failure for critical account-level operations. Option E is correct because Multi-Factor Authentication (MFA) is a security best practice for highly privileged roles like ACCOUNTADMIN to prevent unauthorized access. Option B is incorrect because ACCOUNTADMIN should not be used for routine object creation; SYSADMIN is more appropriate. Option C is incorrect because automated scripts should run under least-privilege roles, not ACCOUNTADMIN. Option D is incorrect because ACCOUNTADMIN should be granted sparingly based on the principle of least privilege, not to any user needing high authority. The community discussion shows strong consensus (67%) for AE, with upvoted comments supporting this selection.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Which two statements describe best practices for assigning the ACCOUNTADMIN role in Snowflake?
A
The ACCOUNTADMIN role should be assigned to at least two users.
B
The ACCOUNTADMIN role should be used to create Snowflake objects.
C
The ACCOUNTADMIN role should be used for running automated scripts.
D
The ACCOUNTADMIN role should be given to any user who needs a high level of authority.
E
All users assigned the ACCOUNTADMIN role should use Multi-Factor Authentication (MFA).
No comments yet.