Valid GES-C01 Dumps shared by EduDump.com for Helping Passing GES-C01 Exam! EduDump.com now offer the newest GES-C01 exam dumps, the EduDump.com GES-C01 exam questions have been updated and answers have been corrected get the newest EduDump.com GES-C01 dumps with Test Engine here:
An organization is implementing a two-tier LLM access control strategy in Snowflake. First, common models like 'mistral-7b' and 'llama3.1-8b' need to be broadly accessible to all users granted the 'SNOWFLAKE-CORTEX USER database role. Second, a specialized data science team, using the ANALYST ROLE', requires exclusive access to the higher-capability 'claude-3-5- sonnet' model, which should NOT be generally available through the broad access mechanism. Which set of SQL commands, executed by the 'ACCOUNTADMIN" role, correctly establishes this access control strategy?
Correct Answer: A
Option A is correct. This sequence first uses 'ALTER ACCOUNT SET CORTEX MODELS_ALLOWLIST to make 'mistral-7b' and broadly available by their plain names to any user with The call ensures these changes are applied. Then, it grants the specific application role 'SNOWFLAKE."CORTEX-MODEL-ROLE-CLAUDE-3-5-SONNET"' directly to , providing exclusive access to that model without adding it to the general allowlist. Option B is incorrect because adding 'claude-3-5-sonnet' to the account-level would make it generally available, violating the requirement for exclusive access. Option C is incorrect because granting individual application roles to 'PUBLIC' for 'mistral-7b' and is not the method described for making them broadly accessible via an account parameter (allowlist). While it provides access, it doesn't align with the 'broadly accessible...via a Snowflake account parameter' part of the requirement. Option D is incorrect as 'ALTER ACCOUNT UNSET removes the broad access for 'mistral-7b' and Additionally, direct 'GRANT USAGE ON MODELS is not the primary mechanism for controlling access to base Cortex models; rather, application roles are used. Option E is incorrect because the 'ALTER ACCOUNT command for 'CORTEX MODELS_ALLOWLIST can only be executed by the 'ACCOUNTADMIN' role, not 'SECURITYADMIN'.