Free Microsoft AZ-305 Actual Exam Questions - Question 14 Discussion

I think choosing Azure Data Lake Storage Gen2 ACLs is key since it handles folder-level permissions natively. Also, mounting the ADLS Gen2 storage directly in Databricks keeps costs and dev work low compared to custom access controls.

Using ACLs on ADLS Gen2 folders is smart here since it directly controls access without extra coding. Also, mounting the storage in Databricks as DBFS doesn’t add cost or complexity, so that fits the requirements well.

I’d go with using Azure Data Lake Storage Gen2 ACLs for controlling folder permissions since it’s designed for fine-grained access and fits well with Databricks mounts. Setting up ADLS Gen2 ACLs means data engineers only get access to folders they have permissions for, which hits the security requirement directly. Also, it’s less work than implementing complex RBAC or custom scripts, so it keeps development effort and cost low. I’d skip options that suggest broad permissions or complicate the environment because that wouldn’t meet the minimize effort or cost part.

This question feels a bit open-ended with the hotspot format since we can pick multiple options. The key points seem to be controlling access at folder level for data engineers but without making development or cost too high. I guess using Azure Data Lake Storage Gen2 with ACLs for folder permissions makes sense, since it offers fine-grained access control. Also, mounting storage directly to Databricks is a common pattern that keeps things simple. I'm not totally sure about the networking option here - whether to use public endpoints or private link might depend on security requirements, but i