You have an Azure subscription with an Azure Active Directory tenant containing a service principal named ServicePrincipal1. The subscription contains an Azure Data Lake Storage Gen2 account named adls1. This account has a folder named Folder2 with the URI https://adls1.dfs.core.windows.net/container1/Folder1/Folder2/.

ServicePrincipal1 has the following access control list (ACL) permissions assigned:

[Table showing existing ACL permissions for ServicePrincipal1]

You need to ensure ServicePrincipal1 can perform these actions on items created in Folder2:

• Traverse through child items.

• Read files.

The solution must follow the principle of least privilege.

Which two permissions should you grant to ServicePrincipal1 on Folder2? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.