Oracle Database 11g Security Essentials v6.2 (1z0-528)

Page:    1 / 6   
Total 77 questions

In terms of recommended naming conventions, which of the following Oracle Database
Vault components should begin with a verb?

  • A. Factors
  • B. Rules
  • C. Rule sets
  • D. Realms


Answer : B

Explanation:
Oracle suggests that you start the name with a verb and complete the name with the purpose of the rule.

Which one can be used with databases from different vendors?

  • A. Advanced Security Option
  • B. Oracle Database Vault
  • C. Oracle Audit Vault
  • D. Oracle Label Security
  • E. Oracle Data Masking Pack
  • F. Virtual Private Database


Answer : C

Explanation:
Audit Vault can be used with DB2 Sybase and etc.

After you drop an Oracle Audit Vault collector, you can reuse the name of the dropped collector for another collector.

  • A. TRUE
  • B. FALSE


Answer : B

Explanation:
The drop_collector command does not delete the collector from Oracle Audit Vault. It only disables thecollector. The collector metadata is still in the database after you run the drop_collector command. If you wantto recreate the collector, create it with a different name.

Which two types of data relationships are maintained during the masking process with the
Orade Data Masking Pack?

  • A. Relationships implemented in application code
  • B. Relationships defined by foreign keys
  • C. Relationships defined within the Oracle Data Masking Pack
  • D. Relationships implemented by check constraints


Answer : B,C

Explanation:
In some applications, the same sensitive data is maintained in multiple tables related byreferential (primary key-foreign key) relationships, e.g. employee numbers in a
HumanResources application. Oracle Data Masking Pack discovers these relationships and masks allrelated data elements automatically while preserving referential relationships

What is the purpose of using SALT with Transparent Data Encryption (TDE)?

  • A. To allow for the use of an index on the encrypted data
  • B. To randomize the encryption of data in tablespaces
  • C. To randomize the encryption of data in columns
  • D. To reduce the storage required for the encrypted data.


Answer : C

Explanation:
In column section:
The Generate Key Randomly setting enables salt. Salt is a way to strengthen the security of encrypted data.
It is a random string added to the data before it is encrypted, causing repetition of text in the clear to appeardifferent when encrypted. Salt removes one method attackers use to steal data, namely, matching patterns ofencrypted text.

What can you achieve by adjusting the degree of parallelism used by the masking process?

  • A. Increase the security
  • B. Optimize the performance
  • C. Decrease the storage
  • D. The degree of parallelism used by the masking process can't be modified.


Answer : B

Explanation:
For large tables, Oracle Data Masking automatically invokes SQL parallelism to further speed up the maskingprocess.

What is the typical performance impact of using Oracle Database Vault realms?

  • A. 0
  • B. 1
  • C. 5
  • D. 10
  • E. 15


Answer : A

Explanation:
DDL and DML operations on realm-protected objects do not have a measurable effect on
Oracle Database.Oracle recommends that you create the realm around the entire schema, and then authorize specific users toperform only specific operations related to their assigned tasks. For finer-grained control, you can definerealms around individual tables and authorize users to perform certain operations on them, and also have arealm around the entire schema to protect the entire application. Be aware, however, that this type ofconfiguration may slow performance, but it does enable you to grant realm authorization to some of the objectsin a schema.

Which two of the following are reasons why regulatory compliance is a critical driver for increased database security?

  • A. Broader scope of operations requires compliance with multiple national and local compliance regulations.
  • B. Compliance regulations are not well understood, so advanced technology is required to addressthem.
  • C. Disclosure laws make security breaches costly.
  • D. Compliance regulations rarely change.


Answer : A,C

Explanation:
By restricting administrator access to your Oracle databases, Oracle Database Vault helps you to followcommon regulatory compliance requirements, such as the Payment Card
Industry (PCI) Data SecurityStandard (DSS) requirements, Sarbanes-Oxley (SOX) Act,
European Union (EU) Privacy Directive, andHealthcare Insurance Portability and
Accountability (HIPAA) Act. Theseregulations require strong internalcontrols on access, disclosure or modification of sensitive information that could lead to fraud, identity theft,financial irregularities and financial penalties.

Your customer wants to reduce costs by moving some of the DBA functions offshore, but they are concerned about the potential security implications of this move. Which security feature or option will allow them to prevent administrators from viewing their data?

  • A. Advanced Security Option
  • B. Oracle Database Vault
  • C. Oracle Audit Vault
  • D. Oracle Data Masking Pack
  • E. Virtual Private Database
  • F. Oracle Label Security


Answer : B

Explanation:
Oracle Database Vault provides the following ways for you to restrict administrator access to an Oracledatabase:
Group database schemas, objects, and roles that you want to secure.
Create PL/SQL expressions to customize your database restrictions.
Designate specific PL/SQL statements that are accessible or not accessible to users.
Define attributes to record data such as session users or IP addresses that Oracle
Database Vault canrecognize and secure.
Design secure application roles that are enabled only by Oracle Database Vault rules.
You can create these components by using either Oracle Database Vault Administrator, or by using its PL/SQLpackages.

Oracle Database Vault command mles are based on Oracle Database Vault rules.

  • A. TRUE
  • B. FALSE


Answer : B

Explanation:
There is no such command in Oracle Database Vault Administrators Guide

What factor is a critical driver for implementing enhanced security on data?

  • A. Increased compliance regulations
  • B. The need to ensure reliable backups
  • C. Data integrity concerns
  • D. Increased needs for strategic use of their data


Answer : A

Explanation:
Increased compliance regulations can lead to additional security requirements.

If you do not have access to Oracle Wallet with the master key for TDE, you will not be able to access the encrrypted data

  • A. TRUE
  • B. FALSE


Answer : A

Explanation:
If you do not have the Oracle wallet with the master key for TDE, you will not be able toaccess the encrypted data.

Which can be used to enforce separation of duties?

  • A. Oracle Database Vault
  • B. Oracle Audit Vault
  • C. Virtual Private Database
  • D. Oracle Data Masking Pack


Answer : A

Explanation:
Database Vault and Advanced Security Option can be used to enforce separation of duties.

Identify the two benefits provided by Oracle Audit Vault.

  • A. Consolidated reporting across multiple databases
  • B. The ability to limit access based on tables
  • C. The ability to limit access based on data values
  • D. The ability to receive alerts on security access violations
  • E. Data obfuscation


Answer : A,D

Explanation:
Audit Vault provides consolidated reporting across multiple databases and active alerts ofsecurity violations

Your customer wants to move some of their DBA work offshore. Which of the following is the best reason to use Oracle's security features and options?

  • A. The requirement to execute backups offshore would require network encryption to reduce network traffic
  • B. The requirement to allow database administrators to administer the database without having access to theapplication data.
  • C. The increased number of DBAs would require more centralized permission management with OracleDatabase Vault
  • D. Transferring DBA work offshore would require obscuring data with the Oracle Data Masking Pack.
  • E. Offshore DBA organizational structures would require the use of a virtual private database to grantdifferential access to data in a table.


Answer : D

Explanation:
Oracle Data Masking is yet another option to be considered to mask sensitive informationsuch as credit card or social security numbers can be replaced with realistic values, allowingproduction data to be safely used for development, testing, or sharing with out-source or offshorepartners for other non-production purposes.

Page:    1 / 6   
Total 77 questions