1z0-116 Practice Exam Questions with Answers Oracle Database Security Administration Certification

Set sqlnet.aothentication_sebvices=(NONe» In sqlnet.ora on the database server.

Remove all OS users from OS groups: osdba, osoper, osbackupdba, osdgdba, osrmdba, OSASMADMIN, OSASMDBA.

Set REMOTE_LOGIH_PASSWORDFILE = EXCLUSIVE In the init.ora file.

Set REMOTE_OS_AUTHENT = FALSE In the init.ora file.

SESSION_CSER

CURRENT_OSER

CURRENT SCHEMA

CLIENT_INFO

SYS

users with the DV_ACCTMGR role

users with the DV_OWNER role

users with the DV_ADMIN role

SYSTEM

The salary column is fine grain audited.

The salary column is nullified when queried by the database users.

The bind variables for the salary column are masked In trace files and vS views.

The salary column is encrypted using TDE column encryption.

The salary column is redacted when queried by database users.

System privileges override command rules.

If a command rule's associated rule set evaluation results In an error, the command is not allowed to execute.

A command can have only one command rule that applies to it.

For DML statement command rules, you can specify a wildcard for the object owner.

If a command rule's associated rule set Is disabled, then the rule set evaluates to true.

For DML statement command rules, you can specify a wildcard for the object name.

Object privileges override command rules.

to authenticate externally Identified users locally

to authenticate nonprivllegcd database users locally

to authenticate administrative privileged users remotely

to authenticate externally Identified users remotely

to authenticate nonprivileged database users remotely

to authenticate administrative privileged users locally

It denies Instance registration through IPC.

It can only be used with Oracle RAC.

It enforces the Listener connectivity through TCPS.

It is a replacement for Class of Secure Transport (COST).

It restricts specific instances from registering with the Listener.

on client side of server B

on client side of server A

on server side of server B

on server side of server A

the private key of the database service

the trusted certificates of the database service

the user certificate used to uniquely Identify the database service

the private key of the client application

the username, password, and service name required to connect to the database

the user certificate used to uniquely Identify the client application

the trusted certificates of the Certification Authority

Privileges Required

User Interaction

Attack Vector

Scope

Availability

Attack Complexity

init. era

listener.ora

aqlnet.ora

tnsnaroes.ora

names.ora

server.xml

It must use only one security check to validate the user.

It must use the invokcr's rights to enable the role,

It must use the deflner's rights to enable the role.

It can Include one or more security checks to validate the user.

It must contain a SET ROLE statement or a DBMS_SESSION.SET_ROLE call.

It can use only the DBMS_SESSION. SET_ROLE procedure.

Its owner SEC_MGR must be granted the execute any procedure role.

They ate used to control access by users to external network services and resources from the database through PL/SQL.

They are used to provide access to database packages.

They are used to control the usage of UTL_TCP, ITL_HTTP, and UTL_INADDR.

They are used to configure proxy for PL/SQL network utility packages.

The client Identifier is automatically included In the audit trail.

The client Identifier is automatically set by the SQL-Net layer.

A session can have multiple client Identifier values set simultaneously.

The client Identifier cannot be changed during the session.

It can bo used for tables in encrypted tablcspaces.

encrypted columns cannot have an Index.

All encrypted columns of a table use the same encryption key.

Column level encrypted data remains encrypted in the buffer cache.

Column-level encryption keys are not encrypted by the master key.

orapki

netca

dbca

netmgr

mkstore

owm

You do not have select privileges on this database view.

The master key has been corrupted.

The key store is not open.

The master key has not been created.

This is expected behavior for this view.

User psmith Is connecting outside of the SYSDATE specified.

The set hole hr_admin stuternent must be executed with the dbms. session. set_role procedure.

user psmith is connecting remotely.

The HR_ADMIN role must be granted to user PSMITH.

The HR.ROLE_CHECK procedure must be created with the AUTHID CURRENT_USERR clause.

The HR.ROLE_CHECK procedure must be created without the AUTHID clause.

AUDIT CONTEXT NAMESPACE hr_Ct:x ATTRIBUTES hr_app_id NAMESPACE USERENV ATTRIBUTES ALL BY hr;

AUDIT CONTEXT NAMESPACE hr_ctx ATTRIBUTES hr_app_id NAMESPACE USERENV ATTRIBUTES

current:_user( db_name BY hr;

CREATE AUDIT POLICY hr_omp_pol ACTIONS UPDATE ON hr.employoes;

AUDIT CONTEXT NAMESPACE hr_ctx ATTRIBUTES hr_app_id, current_user, db_name BY hr

AUDIT POLICY hr_emp_pol BY hr;

CREATE AUDIT POLICY hr_emp_pol ACTIONS SELECT ON hr. employees;

AUDIT POLICY hr_emp_pol EXCEPT hr;

It can be used after you install the Oracle Database without any additional database configuration steps.

It must have the Database Vault option enabled.

Privilege analysis data for dropped objects are kept.

If a privilege is captured during run time, it is saved under the run-time capture name.

It shows the grant paths to the privileges and suggests which grant path to keep.

It cannot be used to capture the privileges that have been exercised on precompiled database objects.

The target database wallet can be uploaded to the data_pctmp_dtr directory.

The db_link_cred parameter stores the password in a wallet.

The db__link__cred references the credential for the username and password for the target database.

The credential_nam£ parameter automatically creates the credential object store.

The database link port Is not correct because It must be restricted to 1521.

Only data_pump_dir directory can be used to store credential wallets.

The actual data in the tables is copied to the Data Pump target system with the redaction policy applied.

The policy Is not Included In export and Import operation.

The actual data in the tables is copied to the Data Pump target system without being redacted.

The policy Is Included In the export and Import operation but is not applied by default to the objects In the target system.

The policy is included in the export and import operation and applied by default to the objects in the target system.