Summer Special Flat 65% Limited Time Discount offer - Ends in 0d 00h 00m 00s - Coupon code: suredis

Certensure Logo
  1. Home
  2. Oracle
  3. Oracle Database Security
  4. 1z0-116 - Oracle Database Security Administration

Oracle 1z0-116 Oracle Database Security Administration Exam Practice Test

Demo: 13 questions
Total 90 questions
Get 1z0-116 Full Access Download 1z0-116 PDF

Oracle Database Security Administration Questions and Answers

Question 1

For which two are Oracle Label Security policies not applied?

Options:

A.

partitioned tables

B.

direct path exports

C.

users with the SYSDA privilege other than sys

D.

objects in the SYS schema

E.

conventional path exports

Question 2

Which two represent the set of users that are never affected by connect command rules?

Options:

A.

SYS

B.

users with the DV_ACCTMGR role

C.

users with the DV_OWNER role

D.

users with the DV_ADMIN role

E.

SYSTEM

Question 3

Examine these commands and responses:

Which object privilege must be granted to allow execution of the stored procedure?

Options:

A.

grant EXECUTE ON MARY.PBOC2 Co U1;

B.

grant INHERIT PRIVILEGES ON USER U1 TO MARY;

C.

grant INHERIT PRIVILEGES ON USER MARY TO Ul ;

D.

grant EXECUTE ON Ul.PROC2 TO MARY;

Question 4

Which three are true concerning command rules?

Options:

A.

System privileges override command rules.

B.

If a command rule's associated rule set evaluation results In an error, the command is not allowed to execute.

C.

A command can have only one command rule that applies to it.

D.

For DML statement command rules, you can specify a wildcard for the object owner.

E.

If a command rule's associated rule set Is disabled, then the rule set evaluates to true.

F.

For DML statement command rules, you can specify a wildcard for the object name.

G.

Object privileges override command rules.

Question 5

You must restrict execution of the alter system checkpoint command to certain conditions, specified in a rule set used by a command rule.

Which two parameters must be specified In the dbms_macadm.create_command_rule procedure to do this?

Options:

A.

PARAMETER_NAM£=>'CHECKPOINT'

B.

OBJECT_OWNER=>'SYS

C.

CLAUSE_NAME=>'CHECKPOINT'

D.

CLAUSE_NAME=>'SYSTEM'

E.

COMMANI>=>' ALTER SYSTEM'

F.

OBJECT_NAME=>'CHECKPOINT'

G.

COMMAND=>'ALTER'

Question 6

Examine this command:

What masking definitions does it list?

Options:

A.

All with the name credit and the commands to deploy them on all databases with names starting with test.

B.

All with names starting with credit and created on databases with names starting with test.

C.

All with the name credit and created on databases with name starting with teat.

D.

All with names starting with credit and created on any database.

E.

All with the name credit and the commands to deploy them on a database with the name test.

Question 7

Examine this list of capabilities:

1. You can automatically restrict common users from accessing pluggable database (PDB).

2. Enabling Database Vault Operations Control In cdbsroot does not automatically enable It In PDBs.

3. Any common user granted the dv_admin role can enable Database Vault Operations Control.

4. To enable Database Vault Operations Control, use the dbms_macadm.enable_app_protection.

5. Common users' and Invokers' right procedures that must access PDB local data can be added to an exception list.

6. To disable Database Vault Operations Control, use the dbms_macadm.disable_app_protection.

Which statements describe Database Vault Operations Control?

Options:

A.

3, 5, 6

B.

2, 3. 6

C.

2, 4, 6

D.

1, 4, 6

E.

1, 2, 3, 5

Question 8

Database Vault is configured and enabled in the database. You create a rule set to enforce security on the hr. employees table.

Examine these requirements:

1. Users working In hr department are allowed to view all rows In HR.EMPLOYEES.

2. hr managers are allowed to view, update, and delete data in In HR.EMPLOYEES.

3. Audit records are to be collected for every evaluation of the rule set.

Which two options are true when creating the rule set?

Options:

A.

One rule set contains two rules OR'ed together.

B.

The rule set parameter audit_options must be set to dbms_macutl.g_ruleset_audtt_fail.

C.

The rule set must be defined as is_static.

D.

The rule set parameter eval_options must be set to dbms_macutl.g_ruleset_eval_all.

E.

The rule set parameter audit_options must be set to dbms_macutl.g_buleset_audit_fail + DBMS MACUTL.G RULESET AUDIT SUCCESS.

Question 9

Which two commands can a user with the syskm privilege execute?

Options:

A.

ALTER DATABASE DICTIONARY REKEY CREDENTIALS;

B.

SELECT * FROM DBA_OBJECTS;

C.

SELECT * FROM DBA_TABLESPACES WHERE ENCRYPTED = 'YES*;

D.

ADMINISTER KEY MANAGEMENT SET KFYSTOBF OPEN IDENTIFIED BY password:

E.

ALTER SYSTEM FLUSH PASSWORDFILE_METADATA_CACHE;

F.

ALTER TABLESPACE APPDATA ENCRYPTION OFFLINE ENCRYPT;

Question 10

As an Autonomous Transaction Processing (ATP) database administrator, you want to extend the storage capacity In the database.

Examine this command and output from the database:

What is the reason for the error?

Options:

A.

The storage quota has been reached for the ATP database.

B.

The create TABLESAPECE statement is not available in ATP.

C.

There is not enough storage available in the ATP database.

D.

You must be explicitly granted the create TABLESPACE privilege in ATP.

E.

Database Vault prevents you from executing this command.

Question 11

Which two statements are true about running the Oracle Database Security Assessment Tool (DBSAT) Collector?

Options:

A.

It runs only on UNIX/Linux systems.

B.

It must connect to the database using a SYSDBA connection.

C.

It must be run by an OS user with read permissions on files and directories under ORACLE_HOME.

D.

It runs only on Windows systems.

E.

It must be run on the server that contains the database.

Question 12

Which statement is true about Network ACLs?

Options:

A.

They ate used to control access by users to external network services and resources from the database through PL/SQL.

B.

They are used to provide access to database packages.

C.

They are used to control the usage of UTL_TCP, ITL_HTTP, and UTL_INADDR.

D.

They are used to configure proxy for PL/SQL network utility packages.

Question 13

Which two tasks should you perform initially to Implement native network encryption without disrupting client applications?

Options:

A.

Upgrade all OCI-basod clients to match the database version.

B.

Set the server side sqinet.oia parameter sqlnet.encryption_server = requested.

C.

Configure the listener with an endpoint for protocol TCPS.

D.

Verify which clients have encrypted connections using the view vSsession_CONNECT_INFO.

E.

Set the client side sqinec.ora parameter SQLNET.ENCRYPTION _client = required.

F.

Set the server side sqinot.ora parameter SQLNET.CRYPTO_CHECKSOM_SERVER - accepted.

G.

Modify all JDBC Thin based clients to include network encryption parameters in Java.

Load More 1z0-116 Questions
Demo: 13 questions
Total 90 questions
Get 1z0-116 Full Access Download 1z0-116 PDF