B. If a command rule's associated rule set evaluation results In an error, the command is not allowed to execute.
C. A command can have only one command rule that applies to it.
D. For DML statement command rules, you can specify a wildcard for the object owner.
E. If a command rule's associated rule set Is disabled, then the rule set evaluates to true.
F. For DML statement command rules, you can specify a wildcard for the object name.
G. Object privileges override command rules.
Answer:
ADF
Discussions
0/ 1000
Question 2
You configured Kerberos authentication for databases running on servers A and B. However a database link connecting the database on server A to the database on server B fails with ORA-12638 Credential retrieval failed. Where must you make a change to sqlnet.ora to allow the database link to use its stored credentials Instead of trying to use Kerberos?
A. on client side of server B
B. on client side of server A
C. on server side of server B
D. on server side of server A
Answer:
B
Discussions
0/ 1000
Question 3
A DBA user created and configured this secure application role: Why does the error occur?
A. User psmith Is connecting outside of the SYSDATE specified.
B. The set hole hr_admin stuternent must be executed with the dbms. session. set_role procedure.
C. user psmith is connecting remotely.
D. The HR_ADMIN role must be granted to user PSMITH.
E. The HR.ROLE_CHECK procedure must be created with the AUTHID CURRENT_USERR clause.
F. The HR.ROLE_CHECK procedure must be created without the AUTHID clause.
Answer:
D
Discussions
0/ 1000
Question 4
You must mask data consistently In three database copies such that data relations across the databases remain In place. Which Data Masking Format allows this?
A. Shuffle
B. Auto Mask
C. Array List
D. Substitute
E. Random Strings
Answer:
A
Discussions
0/ 1000
Question 5
Examine this list: 1. You must monitor access to email column or salary column In the employees table. 2. If any activity is detected, the action must be audited and a notification sent out by email. 3. The database has Unified Auditing enabled. 4. You have created and successfully tested the email sending procedure, sysadmin_fga.emaii._ai.ert. You create the audit policy: A user with select privilege on hr.employees executes this : SELECT email FROM HR.EMPLOYEES; What will be the result?
A. The query will be executed, an entry will be created in the unified audit trail, and the mail will be sent.
B. The query will be executed, an entry will be created In FGA_LOG$ table, and the mall will be sent.
C. The query will be executed, but no audit entry will be created nor any mail sent.
D. The query will be executed, no audit entry will be created but the mall will be sent.
Answer:
C
Discussions
0/ 1000
Question 6
Database Vault Is configured and enabled In the Oracle database. Three users are granted the dba, dv_omneb, and dv_acctmgb roles. There is a requirement to create a user who can: 1. Connect to the database Instance 2. Select from dictionary views Which users can complete the operation to meet the requirement?
A. users granted DV_ACCTMGR and DV_OWNER roles
B. users granted DV_OWNER role
C. users granted DBA and DV_OWNER roles
D. users granted DV_ACCTMGR and DBA roles
Answer:
D
Discussions
0/ 1000
Question 7
Examine this command: Which two statements are true?
A. Opening the software keystore from remote computers is possible.
B. Opening the software keystore from the local computer Is possible.
C. Opening the software keystore from remote computers is not possible.
D. Opening the software keystore must always be done manually on the local computer.
E. Opening the software keystore from the local computer is not possible.
Answer:
AD
Discussions
0/ 1000
Question 8
Which two configurations can be used to protect sensitive data In a database?
A. setting the SQL92_SECURITy initialization parameter to false
B. enabling salt tor an encrypted column
C. creating a procedure that defines the VPD restrictions in a VPD policy
D. collecting sensitive data Information with Database Security Assessment Tool (DBSAT)
E. enforcing row-level security at the table level
F. enforcing row-level security at the database level
Answer:
CF
Discussions
0/ 1000
Question 9
The sqinet.oia file on the client contains this parameter setting: SQLNET.ENCRYPTION_CLIEKT = REQUESTED What value for the parameter sQLNET.ENCRYPTION _server In the sqlnet.ora file on the server will disable Encryption and Data Negotiation?
A. REQUESTED
B. ACCEPTED
C. REQUIRED
D. REJECTED
Answer:
D
Discussions
0/ 1000
Question 10
You are Implementing a security policy that makes use of the USERENV namespace. Which USERRENV value does not change for the duration of a session?
A. SESSION_CSER
B. CURRENT_OSER
C. CURRENT SCHEMA
D. CLIENT_INFO
Answer:
A
Discussions
0/ 1000
Question 11
Examine the statement: CREATE BOLE hr_admin IDENTIFIED USING pac_mgr.hr_admin_rola_ch9ck; Which three are true about the sec_mgr. hr_admin_role_check procedure?
A. It must use only one security check to validate the user.
B. It must use the invokcr's rights to enable the role,
C. It must use the deflner's rights to enable the role.
D. It can Include one or more security checks to validate the user.
E. It must contain a SET ROLE statement or a DBMS_SESSION.SET_ROLE call.
F. It can use only the DBMS_SESSION. SET_ROLE procedure.
G. Its owner SEC_MGR must be granted the execute any procedure role.
Answer:
CFG
Discussions
0/ 1000
Question 12
Which two are true about Database Privilege Analysis?
A. It can be used after you install the Oracle Database without any additional database configuration steps.
B. It must have the Database Vault option enabled.
C. Privilege analysis data for dropped objects are kept.
D. If a privilege is captured during run time, it is saved under the run-time capture name.
E. It shows the grant paths to the privileges and suggests which grant path to keep.
F. It cannot be used to capture the privileges that have been exercised on precompiled database objects.
Answer:
AE
Discussions
0/ 1000
Question 13
When querying the database view, VSECRYPTION_WALLET, the status Is OPEN_NO_MASTER _KEY. What does this mean?
A. You do not have select privileges on this database view.
B. The master key has been corrupted.
C. The key store is not open.
D. The master key has not been created.
E. This is expected behavior for this view.
Answer:
C
Discussions
0/ 1000
Question 14
Users and applications must be able to access a web server of type https using database package UTL_HTTP. Which three are part of the configuration to make this possible?
A. Configure liscener.oia with an endpolnt for tcps
B. Configure sqinet.ora with parameter sq.lnet.encrypt70N_server
C. Download the root certificate from the Certificate Authority In Base64 format
D. Configure sqlnet. ora with parameter tcp . invited_nodes
E. Download the trusted certificate of the web server in Base64 format a
F. Configure an Oracle wallet using mkstore or Wallet Manager
G. Configure access control lists using DBMS_NETWORK_ACL._ADMIN
Answer:
BDF
Discussions
0/ 1000
Question 15
Examine these statements which execute successfully: Which are the two reasons that no rows Are returned from the query?
A. Only DBA users can query SESSION_CONTEXT view contents.
B. An administrator issues the ALTER SYSTEM FLUSH global context statement.
C. The set_empno_crx_proc procedure must be in a package.
D. The application context is global.
E. Enterprise User Security is not configured and used for the user.