0
0
Power BIbi_tool~20 mins

Why RLS protects sensitive data in Power BI - Challenge Your Understanding

Choose your learning style9 modes available
LearnWhyDeepSheetTryChallengeScenarioRecallDash
Challenge - 5 Problems
🎖️
RLS Mastery Badge
Get all challenges correct to earn this badge!
Test your skills under time pressure!
🧠 Conceptual
intermediate
2:00remaining
How does Row-Level Security (RLS) restrict data access?

Imagine a sales report where each salesperson should only see their own sales data. How does RLS ensure this?

ARLS filters data at the row level based on user identity, showing only allowed rows.
BRLS encrypts the entire dataset so only authorized users can decrypt it.
CRLS hides columns with sensitive data but shows all rows to everyone.
DRLS duplicates data for each user to separate databases.
Attempts:
2 left
💡 Hint

Think about how data visibility changes depending on who is logged in.

🎯 Scenario
intermediate
2:00remaining
Scenario: Protecting sensitive employee data with RLS

Your company wants managers to see only their team's salary data, not others'. How can RLS help?

ADuplicate the employee table for each manager with only their team's data.
BCreate RLS roles that filter employee rows by manager ID matching the logged-in user.
CUse RLS to hide the salary column for all users except HR.
DDisable RLS and rely on manual report sharing.
Attempts:
2 left
💡 Hint

Consider how to filter rows so managers see only their team's data.

dax_lod_result
advanced
2:00remaining
DAX expression effect under RLS

Given this DAX measure:
Total Sales = SUM(Sales[Amount])
and RLS filters Sales by Region for each user, what does Total Sales show?

ASum of sales for all regions regardless of RLS.
BSum of sales for regions not visible to the user.
CSum of sales only for the regions visible to the logged-in user.
DZero, because RLS blocks all sales data.
Attempts:
2 left
💡 Hint

Remember RLS filters data before measures calculate.

🔧 Formula Fix
advanced
2:00remaining
Why does this RLS filter not work as expected?

RLS rule: [Region] = USERPRINCIPALNAME()
User's email is 'john@example.com', but no data shows. Why?

AThe filter syntax is invalid and causes a syntax error.
BUSERPRINCIPALNAME() returns the user's email, which matches Region values correctly.
CRLS filters require numeric columns, so text columns cause errors.
DThe Region column contains region names, not user emails, so the filter never matches.
Attempts:
2 left
💡 Hint

Check if the filter compares compatible values.

visualization
expert
3:00remaining
Designing a dashboard with RLS for multiple user roles

You must create a Power BI dashboard where sales reps see only their sales, managers see their team's sales, and executives see all sales. How should you design RLS roles and visuals?

ACreate RLS roles with filters: reps filter by USERNAME(), managers filter by team membership, executives have no filter; use role-based page navigation.
BCreate one RLS role filtering all data by region; use slicers to let users pick their view.
CNo RLS needed; share separate dashboards manually for each role.
DUse RLS to hide columns instead of rows; show all sales but mask sensitive fields.
Attempts:
2 left
💡 Hint

Think about how to apply different filters per role and control access.