1. Governance Flashcards
What is the main issue with Fabric’s governance?
There is no centralized governance in Fabric; it is controlled at each engine and storage layer.
This results in cumbersome management and potential security risks.
What is Purview in relation to Fabric?
Purview is a separate product that acts as a referential catalog, not an operational catalog, limiting its functionality.
It can only publish metadata from Fabric or Databricks but cannot set access or permissions.
What is OneSecurity?
A proposed centralized security and permissions framework for Fabric that has been delayed until Q1 2025.
Details about OneSecurity are limited and not publicly documented.
How does Databricks handle access control?
Databricks allows setting access once, respected everywhere, resulting in data you can trust.
This contrasts with Fabric, where access must be set in each incompatible engine.
What type of lineage does Fabric support?
Fabric supports coarse-grained lineage, limited to the data item level.
This means it does not support table or column-level lineage.
Does Fabric have data classification capabilities?
No, Fabric currently does not support data classification.
Its integration with Purview does not enable users to classify data as PII.
True or False: Fabric supports fine-grained access control.
False.
Fabric’s access control is mostly coarse-grained and does not meet enterprise-grade requirements.
What is the limitation of Fabric’s integration with Purview?
The integration is limited and does not allow for operational capabilities like policy enforcement.
Fabric only supports coarse-grained lineage and lacks features like Classification and Labeling.
How does data discovery in Fabric compare to Databricks?
Fabric’s data discovery is limited and fragmented, while Databricks provides a centralized catalog for all data and AI assets.
This makes discovery and governance easier in Databricks.
Fill in the blank: Fabric applies a ___ cost penalty to external engines reading data from OneLake.
3x.
This penalty affects data democratization principles.
Can Databricks read/write from/to OneLake?
Yes, but only using credential passthrough or service principals via Spark configs, which is not recommended.
This method does not provide the best security and governance experience.
Does Fabric integrate with Unity Catalog?
No.
There is currently no support for policy pushdown or integration with UC.
What are the roles available in Fabric for access control?
Admin, Contributor, and Viewer roles.
These roles offer varying levels of access, but the security model is coarse-grained.
True or False: Fabric can enforce data quality through built-in capabilities.
False.
Fabric lacks built-in data quality or expectation-setting capabilities.
What are the two challenges for Fabric users regarding data security?
- Data security is not centralized and inconsistent across services
- No default security level other than built-in roles
This creates privacy risks, particularly for PII/PHI.
What does Azure Databricks offer that Fabric does not regarding data quality?
Delta Live Tables for setting data quality expectations and monitoring.
Azure Databricks ensures high-quality data through built-in capabilities.
What is the limitation of using Databricks with Fabric for data governance?
It does not provide the best security and governance experience due to bypassing UC and legacy table access controls.
This creates potential security vulnerabilities.
