Azure Data Lake Storage (ADLS) Gen1 Security Implementation: Common Misconceptions

Misconceptions about Security Implementation in Azure Data Lake Storage (ADLS) Gen1

Question

You have Azure Data Lake Storage (ADLS) Gen1.

You are assigned to ensure the security of data stored in this ADLS.

Which of the following is incorrect about the security implementation in ADLS?

Answers


A. B. C. D.

Correct Answer: D.

As with most other Azure services, data in ADLS can be secured using Azure role-based access control (RBAC) and access control lists (ACLs).

User- and group-based permissions and restrictions must be enabled to manage security effectively with ADLS data.

AD security groups should be assigned with appropriate ACLs.

In addition to that, IP-based restrictions can be implemented as an additional layer of protection at the network level.

Options A and B are incorrect: they describe creating security groups and assigning them in ADLS, which is a required part of implementing Azure RBAC and ACLs.

Option C is incorrect: this is a network-layer restriction that can be implemented in ADLS Gen1, so it is also a security implementation.

The correct answer is D. None of the above.

Azure Data Lake Storage (ADLS) Gen1 is a cloud-based data storage service that is optimized for big data analytics workloads. It is designed to provide secure and scalable storage for a wide range of data types and workloads.

To ensure the security of data stored in ADLS, you can implement several security measures, including:

A. Create Security groups in Azure: Azure Active Directory (Azure AD) is a cloud-based identity and access management service that provides a set of tools and services for managing user identities and access to cloud resources. You can create security groups in Azure AD and add users to those groups based on their role or level of access. This allows you to manage access to ADLS based on group membership rather than individual user accounts.

B. Assign the Azure AD security groups as access control lists (ACLs) on the Data Lake Storage Gen1 file system: After you create security groups in Azure AD, you can assign those groups as ACLs on the ADLS file system. This allows you to control access to specific files and folders within the ADLS file system based on group membership.

C. Restrict the access to ADLS using IP range limiting: You can also restrict access to ADLS based on the IP address of the requesting client. This can be useful if you want to limit access to ADLS to specific clients or networks.

Therefore, all the options mentioned in the question are correct.
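How the controls in options A to C combine on a single request, as an added example that is not part of the original page or any Azure code: a small Python model in which the IP firewall is checked first and group-assigned ACLs second. The group names, paths, users and addresses are constructed. The model is simplified: it covers only group entries and leaves out owner, other, mask and RBAC superuser handling. It relies on the POSIX-style rule that reaching a file requires Execute on every parent folder.

```python
import ipaddress
from posixpath import dirname

# Constructed sample data (assumptions, not values from a real account).
FIREWALL_RULES = [("203.0.113.10", "203.0.113.20")]  # inclusive start/end IPs
GROUP_MEMBERS = {"dl-analysts": {"alice"}, "dl-engineers": {"bob"}}
ACLS = {  # path -> {security group: "rwx" bits}
    "/": {"dl-analysts": "--x", "dl-engineers": "--x"},
    "/sales": {"dl-analysts": "r-x", "dl-engineers": "rwx"},
    "/sales/q1.csv": {"dl-analysts": "r--", "dl-engineers": "rw-"},
    "/hr": {"dl-engineers": "rwx"},
    "/hr/pay.csv": {"dl-analysts": "r--", "dl-engineers": "rw-"},
}

def ip_allowed(client_ip):
    """Network layer: the client IP must fall inside an allowed range."""
    ip = ipaddress.ip_address(client_ip)
    return any(ipaddress.ip_address(lo) <= ip <= ipaddress.ip_address(hi)
               for lo, hi in FIREWALL_RULES)

def group_perms(user, path):
    """Permission bits granted on path through the user's group memberships."""
    bits = set()
    for group, perms in ACLS.get(path, {}).items():
        if user in GROUP_MEMBERS.get(group, set()):
            bits |= set(perms) - {"-"}
    return bits

def can_access(user, client_ip, path, want):
    """Return (allowed, reason); want is a single bit: 'r', 'w' or 'x'."""
    if not ip_allowed(client_ip):
        return False, "blocked by firewall"
    folder = dirname(path)
    while True:  # walk up to the root: each parent folder needs Execute
        if "x" not in group_perms(user, folder):
            return False, f"no execute on {folder}"
        if folder == "/":
            break
        folder = dirname(folder)
    if want not in group_perms(user, path):
        return False, f"no {want} on {path}"
    return True, "allowed"

if __name__ == "__main__":
    for args in [("alice", "203.0.113.15", "/sales/q1.csv", "r"),
                 ("alice", "203.0.113.15", "/hr/pay.csv", "r"),
                 ("bob", "198.51.100.7", "/sales/q1.csv", "w")]:
        print(args, "->", can_access(*args))
```

The second case is the one that catches people out: alice's group has Read on `/hr/pay.csv` itself but no Execute on `/hr`, so the request is denied.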