Question 304 of 846
Design and implement data storagehardMultiple ChoiceObjective-mapped

Quick Answer

The correct answer is to configure serverless SQL pools to use Microsoft Entra ID authentication only, while dedicated SQL pools allow SQL authentication. This works because Azure Synapse Analytics treats serverless and dedicated SQL pools as separate compute engines with independent authentication settings; serverless pools natively support Entra ID as the sole identity provider when SQL authentication is disabled, whereas dedicated pools can retain SQL logins without conflict. On the DP-203 exam, this scenario tests your understanding of hybrid authentication models within a single workspace, often appearing as a trick where candidates mistakenly apply a uniform authentication method across all pools. A common trap is assuming serverless pools require SQL authentication for compatibility, but the key is that Entra ID roles can be granularly assigned to serverless endpoints. Remember the mnemonic: “Serverless needs Entra, Dedicated keeps SQL” to separate the two authentication paths clearly.

DP-203 Design and implement data storage Practice Question

This DP-203 practice question tests your understanding of design and implement data storage. This is a configuration task: choose the command set that satisfies every stated requirement. Small differences — like 'secret' vs 'password' or 'transport input ssh' vs 'all' — change whether the answer is correct. After answering, compare your reasoning against the explanation and wrong-answer breakdown below. Once you have made your selection, read the full explanation to reinforce the concept and understand why each distractor is designed to mislead on exam day.

You are responsible for securing an Azure Synapse Analytics workspace. The workspace contains dedicated SQL pools and serverless SQL pools. You need to ensure that only users with specific Microsoft Entra ID roles can query serverless SQL pools, while dedicated SQL pools use SQL authentication. What should you do?

Question 1hardmultiple choice
Full question →

Answer choices

Why each option matters

Answer the question above first, then reveal the full breakdown to understand why each option is right or wrong.

Correct answer & explanation

Configure serverless SQL pools to use Microsoft Entra ID authentication only, and dedicated SQL pools to allow SQL authentication.

Option B is correct because serverless SQL pools in Azure Synapse Analytics natively support Microsoft Entra ID authentication, allowing you to restrict access to specific Entra ID roles by disabling SQL authentication for those pools. Dedicated SQL pools can independently be configured to allow SQL authentication, enabling coexistence of both authentication methods as required. This separation ensures that only users with the designated Entra ID roles can query serverless SQL pools, while dedicated SQL pools remain accessible via SQL logins.

Key principle: Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.

Answer analysis

Option-by-option breakdown

For each option: why learners choose it and why it is or isn't the right answer here.

  • Create SQL logins for serverless SQL pools and assign permissions to Microsoft Entra ID groups.

    Why it's wrong here

    Serverless SQL pools do not support SQL logins.

  • Configure serverless SQL pools to use Microsoft Entra ID authentication only, and dedicated SQL pools to allow SQL authentication.

    Why this is correct

    Serverless SQL pools support only Entra ID; dedicated SQL pools can use both.

    Related concept

    Read the scenario before looking for a memorised answer.

  • Use a managed identity for serverless SQL pools and assign it to Microsoft Entra ID roles.

    Why it's wrong here

    Managed identities are for services, not for user authentication.

  • Disable SQL authentication for all pools and enforce Microsoft Entra ID authentication only.

    Why it's wrong here

    Dedicated SQL pools may need SQL authentication for legacy applications.

Common exam traps

Common exam trap: answer the scenario, not the keyword

The trap here is that candidates may assume SQL logins can be created for serverless SQL pools (Option A) or that managed identities can be used to control user access (Option C), when in fact serverless pools only support Microsoft Entra ID authentication and managed identities are for service principals, not user permissions.

Detailed technical explanation

How to think about this question

Under the hood, serverless SQL pools authenticate via the Microsoft Entra ID token endpoint, using the OAuth 2.0 protocol to validate user identities against assigned Entra ID roles or groups. Dedicated SQL pools, on the other hand, maintain their own SQL authentication system with logins stored in the master database, allowing coexistence of both authentication methods within the same workspace. A real-world scenario is a data lake environment where analysts use Entra ID for ad-hoc queries on external data via serverless pools, while ETL jobs use SQL authentication for dedicated pools to ensure consistent performance.

KKey Concepts to Remember

  • Read the scenario before looking for a memorised answer.
  • Find the constraint that changes the correct option.
  • Eliminate answers that are true in general but not in this case.

TExam Day Tips

  • Watch for words such as best, first, most likely and least administrative effort.
  • Review why wrong options are wrong, not only why the correct option is correct.

Key takeaway

Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.

Real-world example

How this comes up in practice

A company's IT admin needs to give a contractor read-only access to production logs without sharing account credentials. Using role-based access control (RBAC) and temporary scoped permissions — not a permanent shared password — is the correct pattern. Questions like this test whether you can apply least-privilege access across cloud identity services.

What to study next

Got this wrong? Here's your next step.

Identify which exam domain this question belongs to, review the core concept, then practise similar questions from the same domain.

Related practice questions

Related DP-203 practice-question pages

Use these pages to review the topic behind this question. This is how one missed question becomes focused revision.

Practice this exam

Start a free DP-203 practice session

Short sessions build daily habit. Longer sessions build exam-day stamina. Try a timed session to simulate real conditions.

FAQ

Questions learners often ask

What does this DP-203 question test?

Design and implement data storage — This question tests Design and implement data storage — Read the scenario before looking for a memorised answer..

What is the correct answer to this question?

The correct answer is: Configure serverless SQL pools to use Microsoft Entra ID authentication only, and dedicated SQL pools to allow SQL authentication. — Option B is correct because serverless SQL pools in Azure Synapse Analytics natively support Microsoft Entra ID authentication, allowing you to restrict access to specific Entra ID roles by disabling SQL authentication for those pools. Dedicated SQL pools can independently be configured to allow SQL authentication, enabling coexistence of both authentication methods as required. This separation ensures that only users with the designated Entra ID roles can query serverless SQL pools, while dedicated SQL pools remain accessible via SQL logins.

What should I do if I get this DP-203 question wrong?

Identify which exam domain this question belongs to, review the core concept, then practise similar questions from the same domain.

What is the key concept behind this question?

Read the scenario before looking for a memorised answer.

About these practice questions

Courseiva creates original exam-style practice questions with explanations and wrong-answer analysis. It does not publish real exam questions, exam dumps, or protected exam content. Learn why practice questions differ from exam dumps →

How Courseiva writes practice questions · Editorial policy

Keep practising

More DP-203 practice questions

Last reviewed: Jun 24, 2026

Question Discussion

Share a tip, memory trick, or ask about the reasoning behind this question. Do not post real exam questions, leaked content, braindumps, or copyrighted exam material. Comments are moderated and may be removed without notice.

Loading comments…

Sign in to join the discussion.

This DP-203 practice question is part of Courseiva's free Microsoft certification practice question bank. Courseiva provides original exam-style practice questions with explanations, topic-based practice, mock exams, readiness tracking, and study analytics to help learners prepare for the DP-203 exam.