Free Microsoft Data Engineering DP-700 Actual Exam Questions - Question 9 Discussion

It’s A because direct sharing with read access via SQL endpoint limits User1 to just query data without broader workspace or Spark permissions, keeping the access tightly scoped as required.

It’s A because sharing Lakehouse1 directly with SQL read access avoids workspace roles that expose other items or Spark capabilities. This keeps User1’s access narrow and secure.

B tbh, assigning Viewer role alone still gives some workspace visibility, which we want to avoid. Sharing Lakehouse1 directly with SQL read access is cleaner and safer to block Spark and other items.

Option A makes the most sense to me too. Sharing Lakehouse1 directly with that specific permission focuses User1’s access strictly on SQL querying for that lakehouse, so they can’t mess with Spark or poke around other workspace content. Giving roles like Viewer or Member for the whole workspace (B or D) seems like overkill and risks exposing more than intended. Option C mentions “Build reports,” which seems more about Power BI integration rather than controlling SQL or Spark access, so probably not the best fit here.

A imo, because sharing Lakehouse1 directly with ‘Read all SQL endpoint data’ lets User1 query via SQL but blocks Spark access and other workspace stuff. Roles like Viewer or Member give broader access than needed.

A vs C? Gotta provide read access to the lakehouse data but not let User1 run Spark queries or access other workspace items. Assigning Viewer for the whole workspace (B) feels too broad since User1 shouldn't touch other things. Member role (D) definitely sounds overkill and risky. Sharing Lakehouse1 with “Read all SQL endpoint data” (A) fits the read-only SQL access part, and it doesn’t give permission for Spark or other workspace stuff. The “Build reports” option (C) seems more about Power BI-related usage, which might be more than what’s needed here. So A looks cleaner and safer to me.