DP-750 Study Guide

Domain 1: Set Up and Configure an Azure Databricks Environment

  • Azure Databricks: Your Lakehouse Platform Free
  • Choosing the Right Compute Free
  • Configuring Compute for Performance Free
  • Unity Catalog: The Three-Level Namespace Free
  • Tables, Views & External Catalogs Free

Domain 2: Secure and Govern Unity Catalog Objects

  • Securing Unity Catalog: Who Gets What
  • Secrets & Authentication
  • Data Discovery & Attribute-Based Access
  • Row Filters, Column Masks & Retention
  • Lineage, Audit Logs & Delta Sharing

Domain 3: Prepare and Process Data

  • Data Modeling: Ingestion Design Free
  • SCD, Granularity & Temporal Tables
  • Partitioning, Clustering & Table Optimization
  • Ingesting Data: Lakeflow Connect & Notebooks
  • Ingesting Data: SQL Methods & CDC
  • Streaming Ingestion: Structured Streaming & Event Hubs
  • Auto Loader & Declarative Pipelines
  • Cleansing & Profiling Data Free
  • Transforming & Loading Data
  • Data Quality & Schema Enforcement

Domain 4: Deploy and Maintain Data Pipelines and Workloads

  • Building Data Pipelines Free
  • Lakeflow Jobs: Create & Configure
  • Lakeflow Jobs: Schedule, Alerts & Recovery
  • Git & Version Control
  • Testing & Databricks Asset Bundles
  • Monitoring Clusters & Troubleshooting
  • Spark Performance: DAG & Query Profile
  • Optimizing Delta Tables & Azure Monitor


Domain 2: Secure and Govern Unity Catalog Objects

Lineage, Audit Logs & Delta Sharing

Track how data flows through your lakehouse, audit who accessed what, and securely share data across organisations — the governance capstone.

Why lineage and audit matter

☕ Simple explanation

Lineage is like a food supply chain label. Audit is like a security camera.

Lineage tells you where your data came from and where it went. If the daily revenue report shows wrong numbers, lineage lets you trace back: “This table was built from that table, which was loaded from that CSV file.” You can find the problem source quickly.

Audit logs record who did what and when. “Ravi queried the customer PII table at 3:15 PM.” If there’s a data breach investigation, audit logs are your evidence.

Delta Sharing is like a secure read-only portal. You can share specific tables with an external partner without giving them access to your entire lakehouse — and they don’t even need Databricks.

Data lineage in Unity Catalog automatically tracks table-to-table and column-to-column dependencies. When a notebook reads from table A and writes to table B, Unity Catalog records that relationship. Lineage is viewable in Catalog Explorer and queryable via system tables.

Audit logging captures all access events — reads, writes, permission changes, schema modifications — into system tables that can be queried with SQL.

Delta Sharing is an open protocol for secure data sharing. Providers create shares containing specific tables; recipients access them via standard tools (Spark, pandas, Power BI) without needing a Databricks account.

Data lineage

What lineage tracks

Unity Catalog automatically captures lineage when notebooks, jobs, or pipelines read from and write to tables:

Lineage Element      | What It Shows
Table-level lineage  | Which tables feed into which tables
Column-level lineage | Which source columns map to which destination columns
Notebook/job lineage | Which notebook or job created/modified a table
Owner                | Who owns the table (user or group)
History              | When the table was created, last modified, version history
Dependencies         | Upstream tables this table depends on

Viewing lineage in Catalog Explorer

In Catalog Explorer, select any table and click the Lineage tab to see:

  • Upstream — tables and columns that feed into this table
  • Downstream — tables and dashboards that consume this table
  • Notebooks/jobs — the code that created the relationship

When Mei Lin investigates a data quality issue in Freshmart’s daily revenue report, she traces lineage back through:

gold.daily_revenue ← silver.cleaned_transactions ← bronze.raw_pos_data

The issue is in the bronze layer — a partner changed their CSV format.

Querying lineage via system tables

-- View table lineage
SELECT * FROM system.access.table_lineage
WHERE target_table_full_name = 'prod_sales.curated.daily_revenue';

-- View column lineage
SELECT * FROM system.access.column_lineage
WHERE target_table_full_name = 'prod_sales.curated.daily_revenue';

💡 Exam tip: Lineage is automatic but not universal

Unity Catalog captures lineage automatically for:

  • ✅ Spark SQL queries (CREATE TABLE AS SELECT, INSERT INTO, MERGE)
  • ✅ DataFrame operations (read → transform → write)
  • ✅ Lakeflow Spark Declarative Pipeline dependencies
  • ✅ Notebook-driven ETL

Lineage is NOT captured for:

  • ❌ External tools that bypass Spark (direct file access)
  • ❌ Legacy Hive metastore tables (not registered in Unity Catalog)

If the exam asks “how to ensure lineage is tracked,” the answer is: use Unity Catalog tables and run transformations through Databricks compute.
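
For example, a CTAS statement run on Databricks compute against Unity Catalog tables is captured automatically, whereas copying the same files with an external tool would leave no lineage. A sketch (table and column names are illustrative):

-- Lineage is recorded for this statement: curated.daily_revenue
-- will show raw.pos_transactions as its upstream table, with
-- column-level lineage from amount to revenue
CREATE OR REPLACE TABLE prod_sales.curated.daily_revenue AS
SELECT order_date, SUM(amount) AS revenue
FROM prod_sales.raw.pos_transactions
GROUP BY order_date;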

Audit logging

What gets logged

Unity Catalog logs every significant action to system tables:

Event Type         | Examples
Data access        | SELECT queries, table reads
Data modification  | INSERT, UPDATE, DELETE, MERGE
Permission changes | GRANT, REVOKE
Schema changes     | CREATE TABLE, ALTER TABLE, DROP TABLE
Authentication     | Login events, service principal access
Admin actions      | Cluster creation, job scheduling

Querying audit logs

-- Who accessed the customers table in the last 7 days?
SELECT
  event_time,
  user_identity.email AS user_email,
  action_name,
  request_params.full_name_arg AS table_name
FROM system.access.audit
WHERE request_params.full_name_arg = 'prod_sales.curated.customers'
  AND event_time > CURRENT_TIMESTAMP() - INTERVAL 7 DAYS
ORDER BY event_time DESC;

Dr. Sarah Okafor runs audit queries weekly at Athena Group to verify that only authorised users accessed sensitive financial tables.

ℹ️ Audit log retention and export

System audit tables have a default retention period. For long-term compliance:

  • Export audit logs to a Delta table in your own storage for permanent retention
  • Stream to Azure Monitor for real-time alerting on suspicious activity
  • Integrate with SIEM tools for security operations

Exam tip: If the question mentions “long-term audit retention” or “compliance archive,” the answer involves exporting audit logs to your own managed storage — not relying on the system table defaults.
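
One way to implement the export is a scheduled job that appends new events from the system table into a Delta table you own. A sketch with an illustrative archive table name:

-- One-time setup: seed the archive from existing audit events
CREATE TABLE IF NOT EXISTS compliance.audit_archive AS
SELECT * FROM system.access.audit;

-- Scheduled job: append only events newer than the last archived one
INSERT INTO compliance.audit_archive
SELECT * FROM system.access.audit
WHERE event_time > (SELECT MAX(event_time) FROM compliance.audit_archive);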

Delta Sharing

What is Delta Sharing?

Delta Sharing is an open protocol for secure, live data sharing:

  • Provider — the organisation sharing data (creates shares, adds tables, generates recipient tokens)
  • Recipient — the organisation receiving data (connects using a credential file or Databricks-to-Databricks sharing)
  • Share — a named collection of tables made available to recipients

Two sharing modes

Feature                     | Open Sharing                      | Databricks-to-Databricks
Recipient needs Databricks? | No — any Spark/pandas/Power BI    | Yes — Databricks workspace
Authentication              | Bearer token (credential file)    | Unity Catalog identity
Governance                  | Read-only access to shared tables | Full UC governance (lineage, audit)
Best for                    | External partners, customers      | Internal cross-workspace, Databricks partners
Live data?                  | Yes — reads current version       | Yes — reads current version
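
In Databricks-to-Databricks mode, the recipient mounts the share as a regular read-only catalog, after which shared tables resolve through the normal three-level namespace. A sketch — the provider and catalog names here are illustrative:

-- Recipient workspace: expose the share as a read-only catalog
CREATE CATALOG IF NOT EXISTS freshmart_shared
  USING SHARE freshmart_provider.partner_freshmart;

-- Shared tables now query like any other Unity Catalog table
SELECT * FROM freshmart_shared.curated.product_catalog LIMIT 10;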

Setting up Delta Sharing

-- Step 1: Create a share
CREATE SHARE IF NOT EXISTS partner_freshmart
  COMMENT 'Product catalog shared with Freshmart suppliers';

-- Step 2: Add tables to the share
ALTER SHARE partner_freshmart
  ADD TABLE prod_sales.curated.product_catalog;

-- Step 3: Create a recipient
CREATE RECIPIENT IF NOT EXISTS freshmart_supplier_a
  COMMENT 'Supplier A needs product catalog for inventory planning';

-- Step 4: Grant the recipient access to the share
GRANT SELECT ON SHARE partner_freshmart TO RECIPIENT freshmart_supplier_a;

Secure sharing strategy

When designing a Delta Sharing strategy, consider:

Decision         | Recommendation
What to share    | Only curated/gold tables — never raw data
Granularity      | One share per partner or use case
Column filtering | Share views that exclude sensitive columns
Audit            | Monitor share access via audit logs
Revocation       | Remove recipient access immediately when partnership ends
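
The column-filtering and revocation decisions translate directly into SQL. A sketch with illustrative view and column names — share a view that omits sensitive columns, and revoke the recipient when the partnership ends:

-- Share a view instead of the base table to exclude sensitive columns
CREATE VIEW prod_sales.curated.product_catalog_public AS
SELECT product_id, product_name, category, list_price
FROM prod_sales.curated.product_catalog;

ALTER SHARE partner_freshmart
  ADD VIEW prod_sales.curated.product_catalog_public;

-- Revoke access when the partnership ends
REVOKE SELECT ON SHARE partner_freshmart FROM RECIPIENT freshmart_supplier_a;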

Tomás shares anonymised fraud pattern data with NovaPay’s banking partners via Delta Sharing. Partners get a read-only view of fraud trends without accessing NovaPay’s customer data.

Question

What is data lineage in Unity Catalog and how is it captured?

Answer

Lineage tracks table-to-table and column-to-column dependencies automatically when data flows through Databricks compute. View in Catalog Explorer or query system.access.table_lineage. Not captured for external tool access bypassing Spark.

Question

What is Delta Sharing and what are its two modes?

Answer

Delta Sharing is an open protocol for secure data sharing. Open Sharing: recipients don't need Databricks (use token + any Spark/pandas tool). Databricks-to-Databricks: full UC governance, identity-based. Both provide live, read-only access.

Question

How do you query Unity Catalog audit logs?

Answer

Query system.access.audit with SQL. Filter by user_identity.email, action_name, request_params.full_name_arg, and event_time. Export to your own storage for long-term compliance retention.


Knowledge Check

Mei Lin discovers incorrect revenue figures in Freshmart's executive dashboard. She needs to trace the data back to its source to find where the error was introduced. Which Unity Catalog feature should she use?

Knowledge Check

Dr. Sarah Okafor needs to share product inventory data with Athena Group's logistics partner. The partner uses Snowflake, not Databricks. The data must be live (not a copy) and read-only. Which approach should she use?

Knowledge Check

Tomás needs to prove to NovaPay's compliance auditor that no unauthorised users accessed the fraud_alerts table in the last 30 days. Which Unity Catalog feature provides this evidence?


Next up: Data Modeling: Ingestion Design — choosing ingestion tools, loading methods, table formats, and managed vs external tables.


© 2026 Sutheesh. All rights reserved.

Guided is an independent study resource and is not affiliated with, endorsed by, or officially connected to Microsoft. Microsoft, Azure, and related trademarks are property of Microsoft Corporation. Always verify information against Microsoft Learn.