Options without Row-Level Security
Question
There are a number of different options for data serving storage in Azure.
These options vary based on the capability they offer.
Which of the below-given options don't offer Row-Level security? (Select two options)
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D. E. F.Correct Answers: B and F
The below table mentions the various security capabilities offered by different data serving storage options.
![Security capabilities
Capa
Authentication
Data encryption
at rest
Row-level
security
Supports
firewalls
Dynamic data
masking
SQL Database
SQL/ Azure
Active
Directory
(Azure AD)
Yes?
Yes
Yes
Yes
Yes
Yes
Azure
Data
Explorer
Azure AD
Yes
No
Yes
Yes
[1] Requires using a domain-joined HDInsight cluster.
HBase/Phoenix
on HDInsight
local / Azure AD '
Hive LLAP
on
HDInsight
local / Azure
AD!
Yes
Azure
Analysis
Services
Azure AD
Yes
Yes
Yes
No
Cosmos DB
database users
/ Azure AD via
access control
(AM)
Yes
No
Yes
No](https://eaeastus2.blob.core.windows.net/optimizedimages/static/images/Data-Engineering-on-Microsoft-Azure-(DP-203)/answer/imggp-4.png)
Option A is incorrect.
SQL Database offers Row-level security.
Option B is correct.
Azure Data Explorer doesn't provide Row-level security.
Option C is incorrect.
HBase/Phoenix on HDInsight offers Row-level security with domain-joined HDInsight clusters.
Option D is incorrect.
Hive LLAP on HDInsight offers Row level security with domain-joined HDInsight clusters.
Option E is incorrect.
Azure Analysis Services offers Row-level security.
Option F is correct.
Cosmos DB doesn't provide Row-level security.
To know more about analytical data stores in Azure, please visit the below-given link:
The two options that do not offer Row-Level Security are:
B. Azure Data Explorer F. Cosmos DB
Explanation: Row-Level Security (RLS) is a security feature that enables users to define and enforce fine-grained access control over individual rows in a database table, based on the characteristics of the user or application executing a query.
Let's look at each option to understand whether it supports RLS or not:
A. SQL Database - This option supports RLS. Users can define security policies that restrict access to rows based on various criteria.
B. Azure Data Explorer - This option does not support RLS. Azure Data Explorer is a fast and highly scalable data exploration service for log and telemetry data. However, it does not offer row-level security as a built-in feature.
C. HBase/Phoenix on HDInsight - This option supports RLS. HBase is a NoSQL database that supports row-level security through Access Control Lists (ACLs) and visibility expressions. Phoenix is a SQL layer on top of HBase that provides a SQL interface to HBase tables, and also supports RLS.
D. Hive LLAP on HDInsight - This option supports RLS. Hive is a SQL-like interface to Hadoop and supports RLS through Apache Ranger. Apache Ranger provides centralized security administration and fine-grained access control.
E. Azure Analysis Services - This option supports RLS. Azure Analysis Services is an enterprise-grade analytics service that supports RLS through roles and permissions.
F. Cosmos DB - This option does not support RLS. Cosmos DB is a globally distributed NoSQL database that offers a variety of consistency models, and fine-grained access control using role-based access control (RBAC). However, it does not support RLS as a built-in feature.
In conclusion, options B and F do not support Row-Level Security.
