Reddit

A security team is migrating from hardcoded credentials to the Databricks Secrets utility for external database connections. They have already successfully uploaded the database password to a secret scope named db_creds with the key jdbc_password and granted the necessary permissions.

They update their notebook code as follows:

password = dbutils.secrets.get(scope="db_creds", key="jdbc_password")
print(password)

df = (spark.read
      .format("jdbc")
      .option("url", connection)
      .option("dbtable", tablename)
      .option("user", username)
      .option("password", password)
      .load())

password = dbutils.secrets.get(scope="db_creds", key="jdbc_password")
print(password)

df = (spark.read
      .format("jdbc")
      .option("url", connection)
      .option("dbtable", tablename)
      .option("user", username)
      .option("password", password)
      .load())

What is the outcome when this code block is executed?

Real Exam

Last updated: January 6, 2026 at 15:40

The connection to the external table will fail, and the notebook output will display [REDACTED].

The connection will be successful, and the print statement will output the password as a plain text string.

An interactive input prompt will appear in the notebook requesting the password; if entered correctly, the password is then stored in DBFS.

The connection will be successful, and the print statement will output [REDACTED].

The notebook will trigger a prompt for the secret; upon entry, the connection succeeds and the password is shown in plain text.

Databricks Certified Data Engineer - Professional

Comments

Get started today