Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Snowflake Exam ADA-C01 Topic 3 Question 20 Discussion

Actual exam question for Snowflake's ADA-C01 exam
Question #: 20
Topic #: 3
[All ADA-C01 Questions]

A user has enrolled in Multi-factor Authentication (MFA) for connecting to Snowflake. The user informs the Snowflake Administrator that they lost their mobile phone the previous evening.

Which step should the Administrator take to allow the user to log in to the system, without revoking their MFA enrollment?

Show Suggested Answer Hide Answer
Suggested Answer: A

The MINS_TO_BYPASS_MFA property allows the account administrator to temporarily disable MFA for a user who has lost their phone or changed their phone number1. The user can log in without MFA for the specified number of minutes, and then re-enroll in MFA using their new phone1. This does not revoke their MFA enrollment, unlike the DISABLE_MFA property, which cancels their enrollment and requires them to re-enroll from scratch1. The other options are not valid ways to bypass MFA, as SnowSQL does support MFA authentication2, and there is no such URL parameter as /?mode=mfa_bypass&code= for Snowflake3


Contribute your Thoughts:

Tonette
3 months ago
I think both options could work, but I would go with option B just to be on the safe side and ensure the user can log in without any issues.
upvoted 0 times
...
Golda
3 months ago
I'm not sure about that, I think setting DISABLE_MFA to true might be a safer choice to suspend MFA requirement for 24 hours.
upvoted 0 times
...
Zena
3 months ago
Ah, the old 'I lost my phone' excuse. Classic! But in all seriousness, we need to find a secure way to let this user in without compromising the entire system. Maybe we can look into temporary backup authentication methods or something.
upvoted 0 times
...
Franklyn
3 months ago
Appending a URL with a bypass code? That's a new one. I'm curious to see if that actually works, but it also sounds a bit sketchy. Maybe we should look into a more official way to handle this situation.
upvoted 0 times
Dianne
3 months ago
Maybe we should try altering the user settings to temporarily disable MFA instead.
upvoted 0 times
...
Melita
3 months ago
I agree, appending a URL with a bypass code does sound sketchy.
upvoted 0 times
...
...
Arlette
4 months ago
I agree with Stacey, that seems like the best option to allow the user to log in without revoking their MFA enrollment.
upvoted 0 times
...
Domingo
4 months ago
SnowSQL, huh? I guess that's one way to get around the MFA, but it feels a bit like a hack. Shouldn't we have a more elegant solution that still keeps the security intact?
upvoted 0 times
Idella
3 months ago
B: Yeah, that sounds like a better solution than using SnowSQL. We need to maintain security while helping the user access the system.
upvoted 0 times
...
Dean
4 months ago
A: Alter the user and set MINS TO BYPASS MFA to a value that will disable MFA long enough for the user to log in.
upvoted 0 times
...
...
Stacey
4 months ago
I think the Administrator should alter the user and set MINS TO BYPASS MFA to disable MFA temporarily.
upvoted 0 times
...
Cathern
4 months ago
Disabling MFA for 24 hours? Yikes, that seems like a huge security risk. I'd be more comfortable with a temporary solution that doesn't leave the system vulnerable.
upvoted 0 times
Jannette
3 months ago
A) Alter the user and set MINS TO BYPASS MFA to a value that will disable MFA long enough for the user to log in.
upvoted 0 times
...
Aileen
3 months ago
Disabling MFA for 24 hours does seem risky. Maybe there's a better temporary solution.
upvoted 0 times
...
Aretha
4 months ago
B) Alter the user and set DISABLE_MFA to true, which will suspend the MFA requirement for 24 hours.
upvoted 0 times
...
Fabiola
4 months ago
A) Alter the user and set MINS TO BYPASS MFA to a value that will disable MFA long enough for the user to log in.
upvoted 0 times
...
...
Carol
4 months ago
I think appending the URL with /?mode=mfa_bypass&code= is the most convenient way for the user to log in.
upvoted 0 times
...
Bette
4 months ago
But wouldn't instructing the user to use SnowSQL be a simpler solution?
upvoted 0 times
...
Fabiola
4 months ago
I disagree, I believe setting DISABLE_MFA to true for 24 hours is a better option.
upvoted 0 times
...
Bette
4 months ago
I think the Administrator should alter the user and set MINS TO BYPASS MFA to disable MFA temporarily.
upvoted 0 times
...
Weldon
4 months ago
I'm not sure about that bypass option. Wouldn't that compromise the security we're trying to maintain with MFA?
upvoted 0 times
Malcolm
4 months ago
B) That sounds like a better compromise for security while still allowing the user to log in.
upvoted 0 times
...
Jamal
4 months ago
A) Alter the user and set MINS TO BYPASS MFA to a shorter time frame, like 5 minutes.
upvoted 0 times
...
Ernestine
4 months ago
B) I think that option suspends MFA for too long. We need a temporary solution.
upvoted 0 times
...
Peggy
4 months ago
A) Alter the user and set MINS TO BYPASS MFA to a value that will disable MFA long enough for the user to log in.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77