Answer: Use a native external table and authenticate by using a shared access signature (SAS).

## Detailed Explanation ### Understanding the Requirements This scenario involves creating an external table in a serverless SQL pool in Azure Synapse Analytics that references CSV files in Azure Data Lake Storage Gen2, with the primary requirement being **performance maximization**. ### Analysis of Options **Option A: Native external table with SAS authentication** ✅ - **Native external tables** are specifically optimized for serverless SQL pools in Azure Synapse Analytics and provide superior performance compared to Hadoop external tables - **Shared Access Signature (SAS)** authentication offers secure, granular access control without exposing storage account keys - This combination leverages Azure Synapse's native optimizations for external data access while maintaining security best practices **Option B: Native external table with storage account key** ❌ - While native external tables provide good performance, using storage account keys for authentication is **not recommended** for security reasons - Storage account keys provide full access to the entire storage account, creating unnecessary security risks - Microsoft recommends using SAS tokens or managed identities instead of storage account keys for external table authentication **Option C: Apache Hadoop external table with SAS authentication** ❌ - Apache Hadoop external tables are designed for compatibility with Hadoop ecosystems but **do not provide the same performance optimizations** as native external tables in Azure Synapse - Serverless SQL pools are optimized for native external tables, making this option suboptimal for performance **Option D: Apache Hadoop external table with service principal authentication** ❌ - Similar to Option C, this uses the less performant Hadoop external table approach - While Azure AD authentication is secure, the underlying table type doesn't maximize performance in serverless SQL pools ### Performance Considerations - Native external tables in serverless SQL pools are specifically engineered for optimal performance with Azure Data Lake Storage Gen2 - They support predicate pushdown, column pruning, and other query optimizations that Hadoop external tables lack - The authentication method (SAS) doesn't significantly impact performance but ensures security compliance ### Security Best Practices Using SAS tokens provides: - Time-limited access - Specific permissions (read-only for this scenario) - No exposure of storage account master keys - Revocable access without changing primary credentials ### Conclusion Option A represents the optimal configuration that balances both performance requirements and security best practices for external tables in serverless SQL pools.