You find that a Ranger policy is not restricting access as expected. The policy JSON includes 'users': ["alice"], but 'alice' can still write to the resource. What is a possible cause?

medium📝 Debug Q7 of 15

Hadoop - Security

AThe policy's 'accessTypes' does not include 'write'

BThe policy is set to 'deny' instead of 'allow'

CThe Ranger Plugin is not enabled on the service

DThe user 'alice' is not synced in Ranger User Sync

Step-by-Step Solution

Solution:

Step 1: Check policy details
If 'accessTypes' lacks 'write', 'alice' cannot write; but here she can, so likely not the issue.
Step 2: Consider Ranger Plugin status
If the Ranger Plugin is disabled, policies are not enforced, allowing access despite policy.
Final Answer:
The Ranger Plugin is not enabled on the service -> Option C
Quick Check:
Plugin disabled means no enforcement [OK]

Quick Trick: Plugin must be enabled for policies to work [OK]

Common Mistakes:

Assuming policy denies access by default
Ignoring plugin status
Confusing user sync with enforcement

Master "Security" in Hadoop

9 interactive learning modes - each teaches the same concept differently

Learn Why Deep Visual Try Challenge Project Recall Time

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions

More Hadoop Quizzes

You find that a Ranger policy is not restricting access as expected. The policy JSON includes 'users': ["alice"], but 'alice' can still write to the resource. What is a possible cause?

Step 1: Check policy details

Step 2: Consider Ranger Plugin status

Final Answer:

Quick Check:

Want More Practice?