In terms of recommended naming conventions, which of the following Oracle Database
Vault components should begin with a verb?
Answer : B
Explanation:
Oracle suggests that you start the name with a verb and complete the name with the purpose of the rule.
Which one can be used with databases from different vendors?
Answer : C
Explanation:
Audit Vault can be used with DB2 Sybase and etc.
After you drop an Oracle Audit Vault collector, you can reuse the name of the dropped collector for another collector.
Answer : B
Explanation:
The drop_collector command does not delete the collector from Oracle Audit Vault. It only disables thecollector. The collector metadata is still in the database after you run the drop_collector command. If you wantto recreate the collector, create it with a different name.
Which two types of data relationships are maintained during the masking process with the
Orade Data Masking Pack?
Answer : B,C
Explanation:
In some applications, the same sensitive data is maintained in multiple tables related byreferential (primary key-foreign key) relationships, e.g. employee numbers in a
HumanResources application. Oracle Data Masking Pack discovers these relationships and masks allrelated data elements automatically while preserving referential relationships
What is the purpose of using SALT with Transparent Data Encryption (TDE)?
Answer : C
Explanation:
In column section:
The Generate Key Randomly setting enables salt. Salt is a way to strengthen the security of encrypted data.
It is a random string added to the data before it is encrypted, causing repetition of text in the clear to appeardifferent when encrypted. Salt removes one method attackers use to steal data, namely, matching patterns ofencrypted text.
What can you achieve by adjusting the degree of parallelism used by the masking process?
Answer : B
Explanation:
For large tables, Oracle Data Masking automatically invokes SQL parallelism to further speed up the maskingprocess.
What is the typical performance impact of using Oracle Database Vault realms?
Answer : A
Explanation:
DDL and DML operations on realm-protected objects do not have a measurable effect on
Oracle Database.Oracle recommends that you create the realm around the entire schema, and then authorize specific users toperform only specific operations related to their assigned tasks. For finer-grained control, you can definerealms around individual tables and authorize users to perform certain operations on them, and also have arealm around the entire schema to protect the entire application. Be aware, however, that this type ofconfiguration may slow performance, but it does enable you to grant realm authorization to some of the objectsin a schema.
Which two of the following are reasons why regulatory compliance is a critical driver for increased database security?
Answer : A,C
Explanation:
By restricting administrator access to your Oracle databases, Oracle Database Vault helps you to followcommon regulatory compliance requirements, such as the Payment Card
Industry (PCI) Data SecurityStandard (DSS) requirements, Sarbanes-Oxley (SOX) Act,
European Union (EU) Privacy Directive, andHealthcare Insurance Portability and
Accountability (HIPAA) Act. Theseregulations require strong internalcontrols on access, disclosure or modification of sensitive information that could lead to fraud, identity theft,financial irregularities and financial penalties.
Your customer wants to reduce costs by moving some of the DBA functions offshore, but they are concerned about the potential security implications of this move. Which security feature or option will allow them to prevent administrators from viewing their data?
Answer : B
Explanation:
Oracle Database Vault provides the following ways for you to restrict administrator access to an Oracledatabase:
Group database schemas, objects, and roles that you want to secure.
Create PL/SQL expressions to customize your database restrictions.
Designate specific PL/SQL statements that are accessible or not accessible to users.
Define attributes to record data such as session users or IP addresses that Oracle
Database Vault canrecognize and secure.
Design secure application roles that are enabled only by Oracle Database Vault rules.
You can create these components by using either Oracle Database Vault Administrator, or by using its PL/SQLpackages.
Oracle Database Vault command mles are based on Oracle Database Vault rules.
Answer : B
Explanation:
There is no such command in Oracle Database Vault Administrators Guide
What factor is a critical driver for implementing enhanced security on data?
Answer : A
Explanation:
Increased compliance regulations can lead to additional security requirements.
If you do not have access to Oracle Wallet with the master key for TDE, you will not be able to access the encrrypted data
Answer : A
Explanation:
If you do not have the Oracle wallet with the master key for TDE, you will not be able toaccess the encrypted data.
Which can be used to enforce separation of duties?
Answer : A
Explanation:
Database Vault and Advanced Security Option can be used to enforce separation of duties.
Identify the two benefits provided by Oracle Audit Vault.
Answer : A,D
Explanation:
Audit Vault provides consolidated reporting across multiple databases and active alerts ofsecurity violations
Your customer wants to move some of their DBA work offshore. Which of the following is the best reason to use Oracle's security features and options?
Answer : D
Explanation:
Oracle Data Masking is yet another option to be considered to mask sensitive informationsuch as credit card or social security numbers can be replaced with realistic values, allowingproduction data to be safely used for development, testing, or sharing with out-source or offshorepartners for other non-production purposes.