CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. TeraData
  5. TDVAN5

Free TDVAN5 Exam Braindumps (page: 5)

Page 4 of 19
PDF with 72 Questions

Given a user creation request on a 10-AMP system:
CREATE USER hr_user AS PERM = 100e9 SKEW = 10 PERCENT, SPOOL = 100e9 SKEW = 20 PERCENT;
How does the SKEW factor affect the user's Perm space, assuming the total space consumed is under the specified perm space limit?

  1. The per AMP limit of any AMP can reach 20 GB.
  2. The per AMP limit of 100 GB can be breached up to 10 percent.
  3. The per AMP limit of 10 GB can be breached to any percent.
  4. The per AMP limit of any AMP can reach 11 GET

Answer(s): D

Explanation:

In the given CREATE USER statement, the SKEW = 10 PERCENT parameter applies to Perm space and allows some AMPs (Access Module Processors) to use up to 10% more space than the average allocation across the AMPs.
The user is allocated 100 GB of Perm space across a 10-AMP system, meaning the average space per AMP is 10 GB.
With a 10% skew allowed, this means that an AMP can use up to 10% more than the average allocation, which is 10 GB + 1 GB = 11 GB.



An Administrator has been tasked with analyzing previous growth and usage patterns by utilities such as Multiload and FastLoad. The aim is to project the likely resource requirements of the existing loads in the next three to six months.
In the last month, the Administrator team have started using AccountString expansion on all user accounts and have started maintenance jobs to housekeep system data older than seven years. Two years ago, the following command was issued on the system:
BEGIN QUERY LOGGING WITH ALL ON ALL;
No other logging commands have been issued.
Which view contains the utility usage data for the prior months?

  1. AMPUsageV
  2. LogOnOffV
  3. QryLogUtilityV
  4. QryLogV

Answer(s): C

Explanation:

QryLogUtilityV is a specific DBQL (Database Query Logging) view that provides information about utility usage (such as Multiload and FastLoad) on the system. Since the BEGIN QUERY LOGGING WITH ALL ON ALL command was issued two years ago, the DBQL (Database Query Logging) has been tracking various events, including utility usage, which is stored in QryLogUtilityV. Option A (AMPUsageV) contains AMP (Access Module Processor) level statistics and usage data but not detailed information about utility jobs.
Option B (LogOnOffV) tracks user logon and logoff activities but does not provide information about utility usage.
Option D (QryLogV) logs general query execution data but is not specifically focused on utility usage.



A middle-tier application server logs on to the database as TrustedUser and submits requests on behalf of application end users. The server is shared by Finance and Human Resources groups and uses ProxyUser query band to identify end users to the database. Each group needs access to its own sensitive data, so the Administrator has created two separate roles with the appropriate permissions.

What is the best way to control access to each group's sensitive data?

  1. Define the roles as external and use the ProxyRole query band to specify one role.
  2. Grant both roles to TrustedUser, and add the ProxyRole query band to specify one role.
  3. Specify the appropriate role for each end user in a grant connect through statement.
  4. Include both roles in the grant connect through statement, and use ProxyRole in the query band to select the appropriate role.

Answer(s): D

Explanation:

The GRANT CONNECT THROUGH statement allows the TrustedUser to act on behalf of multiple end users while securely connecting to the database. By granting both roles (Finance and Human Resources) in this statement, you allow the ProxyUser to switch between roles depending on the query band's ProxyRole value.
Using the ProxyRole query band, the application can specify which role (Finance or Human Resources) should be used for each specific request. This approach provides flexibility, as the application can dynamically assign the appropriate role to the user based on the query context. Option A (Defining roles as external and using ProxyRole) wouldn't fully address the need to manage multiple roles dynamically for a shared server.
Option B (Granting both roles to TrustedUser) doesn't allow for flexible role switching on a per- request basis without the use of GRANT CONNECT THROUGH and could lead to over-granting of permissions.
Option C (Specifying a role for each end user in GRANT CONNECT THROUGH) isn't as flexible as allowing both roles to be used and dynamically selected through the query band. Thus, Option D is the most appropriate solution, as it provides both security and flexibility, enabling the application to use the correct role based on the ProxyRole query band for each query submitted.



An Administrator needs to provide end users access to data in a Native Object Store using shared credentials.
How can this be accomplished?

  1. Define a FOREIGN TABLE with DEFINER TRUSTED security.
  2. Define a FUNCTION MAPPING with INVOKER TRUSTED security.
  3. Use an S3 1AM role or Azure SAS token rather than User and Password.
  4. Grant users access to a shared AUTHORIZATION object.

Answer(s): D

Explanation:

In Teradata's Native Object Store, the AUTHORIZATION object stores shared credentials (such as an S3 IAM role, Azure SAS token, or other cloud storage credentials). By granting users access to this shared authorization object, the administrator can allow multiple users to access the object store using the same set of credentials. This simplifies credential management and ensures secure access to the external data source.

Option A (Define a FOREIGN TABLE with DEFINER TRUSTED security) refers to defining a foreign table with a specific security model but does not handle shared credentials directly. Option B (Define a FUNCTION MAPPING with INVOKER TRUSTED security) relates to function mappings and security contexts for user-defined functions, not directly to shared credentials for accessing an object store.
Option C (Use an S3 IAM role or Azure SAS token rather than User and Password) is a part of how credentials might be managed, but it does not address the mechanism for sharing these credentials among users. The AUTHORIZATION object is the correct method for managing and sharing these credentials securely.






Post your Comments and Discuss TeraData TDVAN5 exam with other Community members:

TDVAN5 Discussions & Posts