Docstoc

11G DBA 1Z0-528

Document Sample
11G DBA 1Z0-528 Powered By Docstoc
					WWW.EXAMSKING.COM




 11g DBA EXAM 1Z0-528
 Oracle Database 11g Security            Exams King
 Essentials
 http://www.examsking.com/1Z0-528.html   www.examsking.com
Question: 1


You have a system installed with Oracle 11g. You are concerned about the security of the database instances
in your system. You plan to use Oracle Database Vault to create several components to manage the security
of the database instances. Which of the following components can be created using Oracle Database Vault?
Each correct answer represents a complete solution. Choose all that apply.

A. Realms
B. RMAN
C. Command rules
D. Factors

                                                                                      Answer: A, C, and D

Explanation:
The components of Oracle Database Vault Access Control are as follows:
Realm: It is the efficient collection of database schemas, objects, and roles that have to be secured.
Secure application role: It is a unique Oracle Database role that is permitted on the basis of assessment of an
Oracle Database Vault rule set.
Command Rule: It is a unique rule that can be created to control the way users execute SQL statements,
including SELECT, ALTER SYSTEM, database definition language (DDL), and data manipulation language (DML)
statement.
Factor: It is an attribute or a named variable. It can be a user location, database IP address, or session user,
which can be secured and acknowledged by Oracle Database Vault.
Rule Set: It is a set of one or more rules that can be related with realm approval, command rule, factors, or a
secure application role. Answer: B is incorrect. Recovery Manager (RMAN) is an Oracle utility that is used to
manage backup and recovery operations. Recovery Manager can back up database files (data files, control
files, and archived redo log files) and restore or recover a database by using a backup.
Recovery Manager uses a central information repository called recovery catalog in order to store metadata
about backup and recovery operations. However, if a recovery catalog is not created, Recovery Manager
uses the target database's (the database that RMAN is backing up or restoring) control file as a repository for
storing the information necessary for backup and recovery operations.
Recovery Manager can be invoked as a command line utility from the operating system command prompt.
However, its few features can also be used through Oracle Enterprise Manager GUI.




For interactive and self-paced preparation of exam 1Z0-528, try our practice exams.
Practice exams also include self assessment and reporting features.                                                2
Question: 2


Which of the following is NOT a feature of the Data Masking Pack?

A. Sophisticated Masking Techniques
B. Secure High Performance Mask Execution
C. Comprehensive and Extensible Mask Library
D. Automated patching for Oracle products and the operating system

                                                                                       Answer: D

Explanation:
Automated patching for Oracle products and the operating system is NOT a feature of the Data Masking
Pack. It is a feature of the Provisioning Pack.
Answer: C, A, and B are incorrect. The features of Oracle Data Masking Pack are as follows:
Comprehensive and Extensible Mask Library: Oracle Data Masking Pack provides the whole library, which
can be extended so as to meet data privacy and application requirements.
Sensitive Data Discovery and Referential Integrity: An information security administrator uses the Oracle
Data Masking Pack so as to quickly search the database to identify sensitive data. Oracle Data Masking Pack
discovers and preserves the referential relationship established between multiple tables that share the same
sensitive data.
Sophisticated Masking Techniques: Oracle Data Masking Pack provides several masking techniques, such as
condition-based masking, compound masking, and deterministic masking, so that after the process of
masking, the application works without any error.
Secure High Performance Mask Execution: Before mask execution, Oracle Data Masking Pack does some
validation checks so that the mask formats are the same as the data types of the table and there are no
errors in the masking process.




For interactive and self-paced preparation of exam 1Z0-528, try our practice exams.
Practice exams also include self assessment and reporting features.                                            3
Question: 3



Rick works as a Database Administrator in Dolliver Inc. The company uses Oracle 11g on its database server.
There is a "customer_detail" table in the database. Rick wants to mask the customer number in the table in
such a way that it gets masked to the same value across the entire database. Which masking technique of
Data Masking Pack should he apply to accomplish the task?

A. Compound masking
B. Condition-based masking
C. Shuffling
D. Deterministic masking

                                                                                        Answer: D

Explanation:
Following are the sophisticated masking techniques of Oracle Data Masking Pack:
Condition-based masking: In this masking technique, various kinds of masks are applied to a similar data set.
The data set are selected based on the conditions applied to rows.
Compound masking: In this masking technique, those columns that have a certain relationship between
them are masked as a group, so that the data that is masked in the related column pertains to the same
relationship.
Deterministic masking: In this masking technique, consistent masking is done within and across all
databases.
Answer: C is incorrect. It is the data masking technique in networks.


Question: 4


Which of the following options employs labeling concepts used by government and defense organizations to
protect sensitive information and to provide data separation?

A. Oracle Label Security
B. Oracle Database Vault Security
C. Oracle Audit Vault Security
D. Oracle Advanced Security

                                                                                        Answer: A




For interactive and self-paced preparation of exam 1Z0-528, try our practice exams.
Practice exams also include self assessment and reporting features.                                             4
Explanation:
Oracle Label Security makes use of the label theory, which is used by government and defense organizations
to preserve sensitive information and to provide data separation.
Answer: C is incorrect. Oracle Audit Vault Security is a secure tamper proof Oracle database feature that
mitigates many security risks and helps to protect an organization from insiders.
Answer: B is incorrect. Oracle Database Vault Security is used for high granular access restriction and
separation of duties.
Answer: D is incorrect. Oracle Advanced Security is used for the transparent encryption of data and
management of keys.


Question: 5


You are a Database Administrator in Dolliver Inc. Oracle 11g is installed as the database server in the
company. You want to protect data from privileged users through some preventive controls and also secure
the database transparently. Which of the following security options will you adopt to accomplish the task?

A. Enterprise Manager Data Masking Pack
B. Database Vault
C. Audit Vault
D. Advanced Security

                                                                                        Answer: B

Explanation:
Oracle Database Vault is a security option in Oracle 11g that protects applications and sensitive data from
privileged users by preventive controls, thus reducing the risk of unauthorized access. It also secures
databases transparently, removing costly and time-consuming application changes. A number of access
controls are set up so as to implement dynamic and flexible security requirements.
Answer: C, A, and D are incorrect. Following are the four main security options available in Oracle 11g:
1.Advanced Security Option: It is used for the transparent encryption of data and the management of keys.
2.Audit Vault: It is used for monitoring both non-Oracle and Oracle data sources.
3.Enterprise Manager Data Masking Pack: It is used for tuning control over sensitive data.
4.Database Vault: It is used for high granular access restriction and separation of duties.




For interactive and self-paced preparation of exam 1Z0-528, try our practice exams.
Practice exams also include self assessment and reporting features.                                           5
Question: 6



Sam works as a Database Administrator for uCertify Inc. The company is using Oracle 11g as the database
server. Sam wants to adopt a security feature on the database that enforces the security rules, regardless of
the way the data is accessed. Which of the following security features should he adopt to accomplish the
task?

A. Real Application Cluster (RAC)
B. Virtual Private Database (VPD)
C. Enhanced security features with execution context
D. Label Security

                                                                                           Answer: B

Explanation:
Virtual Private Database (VPD) is one of the security features of Oracle 11g that couples fine-grained access
control with a secure application context. In this feature, the security rules are attached to the data instead
of the application which ensures that security rules are enforced regardless of how the data is accessed. It is
useful in situations where associated database roles and standard object privileges are not able to meet the
application security requirements.
Answer: D is incorrect. Label Security is not used for this purpose, as it restricts access to rows in any table
that is based on the label of the user requesting the access and the label on the row of the table itself.
Answer: A is incorrect. RAC is not used, as it allows a number of instances at different servers to access the
same database files.
Answer: C is incorrect. It is the security feature of SQL Server.


Question: 7



David works as a Database Administrator for Gentech Inc. The company is using Oracle 11g as the database
server. David wants to adapt such a security option that will provide no application changes to the database,
built-in key management, and high performance to the database. Which security option should he adopt to
accomplish the task?

A. Database Vault
B. Label Security
C. Audit Vault
D. Advanced Security Option

                                                                                           Answer: D

For interactive and self-paced preparation of exam 1Z0-528, try our practice exams.
Practice exams also include self assessment and reporting features.                                                6
Explanation:
The Oracle Advanced Security Option protects sensitive data on the network or on the backup media from
unauthorized users by transparently encrypting the data with no application changes. This option provides
high performance to the database and has a built-in key management facility that removes the complexity
associated with the key management solution.
Answer: A is incorrect. Database Vault protects application data from access by database administrators and
any other privileged user.
Answer: C is incorrect. Audit Vault detects insider threats and also alerts you about suspicious activity.
Answer: B is incorrect. Label Security provides Oracle database sensitivity of consolidated data through
multiple databases.


Question: 8



You work as a Database Administrator for uCertify Inc. The company uses Oracle 11g on its database server.
The server contains a database named "Company_Project_Details". The database is shared among multiple
departments of the company for regular updation. Looking at the security issues of the database, you have
been assigned the task to apply some security solution to the database.
To accomplish the task, you plan to apply Database Label Security on this database. Which of the following
components of the Database Label Security should you apply in order to secure this database?
Each correct answer represents a complete solution. Choose all that apply.

A. Compartments
B. Source database
C. Levels
D. Groups

                                                                                      Answer: C, A, and D

Explanation:
The components of Oracle Database Label Security are as follows:
Levels: It is a hierarchical component that denotes data sensitivity. Every individual data label should have a
level. The levels can be confidential, sensitive, and highly sensitive.
Compartments: It is a non-hierarchical component, which is sometimes referred to as category. It is an
optional component. To compartmentalize data, one or more compartments are defined for a specific type
of data, knowledge area, or project that requires special approval.
Groups: It is very similar to compartment with a few exceptions and is also an optional component. It is used
to segregate data by organization.
Answer: B is incorrect. It is a component of Audit Vault from which data is collected.




For interactive and self-paced preparation of exam 1Z0-528, try our practice exams.
Practice exams also include self assessment and reporting features.                                               7
Question: 9



Which of the following components of Oracle Database Vault is a Java application that is built on top of the
Oracle Database Vault PL/SQL application programming interfaces (API)?

A. Oracle Database Vault Administrator (DVA)
B. Oracle Database Vault Access Control Components
C. Oracle Database Vault DVSYS and DVF Schemas
D. Oracle Database Vault Reporting and Monitoring Tools

                                                                                         Answer: A

Explanation:
The components of Oracle Database Vault (ODV) are as follows:
Oracle Database Vault Access Control Components: These enable a user to create a number of components
for the database instance security management.
Oracle Database Vault Administrator (DVA): It is a Java application built on top of the Oracle Database Vault
PL/SQL application programming interfaces (API).
Oracle Database Vault Configuration Assistant (DVCA): It is used to perform maintenance tasks on the Oracle
Database Vault installation for which it uses the command-line utility.
Oracle Database Vault DVSYS and DVF Schemas: DVSYS and DVF are schemas provided by ODV.
Oracle Database Vault PL/SQL Interfaces and Packages: PL/SQL interfaces and packages are provided by
ODV. These allow security managers or application developers to configure the required access control
policy.
Oracle Database Vault and Oracle Label Security PL/SQL APIs: The access control capabilities provided by
ODV is integrated with Oracle Label Security which in turn provides a collection of PL/SQL APIs.
Oracle Database Vault Reporting and Monitoring Tools: These tools are used to generate reports on the
number of activities monitored by ODV.




For interactive and self-paced preparation of exam 1Z0-528, try our practice exams.
Practice exams also include self assessment and reporting features.                                             8
Question: 10



Sam works as a Database Administrator for Gentech Inc. The company is using Oracle 11g as the database
server. Sam wants to protect the company's data by encrypting the physical data files created on the
operating system. Which of the following types of encryption should he use to accomplish the task?

A. Network encryption
B. Transparent Data Encryption (TDE) for tablespace
C. Transparent Data Encryption (TDE) for securefiles
D. Transparent Data Encryption (TDE) for column

                                                                                            Answer: B


Explanation:
Transparent tablespace encryption is used to encrypt not only the columns or rows but the whole
tablespace. So all the data that is put into the tablespace (including transportable tablespaces, backups, and
so on) gets automatically encrypted, making it easier to see that all relevant data is encrypted. It is also used
to encrypt the physical data files created on the operating system.
Answer: D is incorrect. It is used to encrypt important data that is written in the application table columns.
Answer: C is incorrect. It is used to perform block-level encryption of LOB contents.
Answer: A is incorrect. It is used to encrypt data that is traveling across the network between the database
and client or mid-tier applications.


Question: 11



David works as a Database Administrator for uCertify Inc. The company is using Oracle 11g as the database
server. David wants to adopt security options so as to protect the database of the company. Which of the
following security options should he adopt to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.

A. Chain of trust
B. Database Vault
C. Audit Vault
D. Advanced Security Option

                                                                                      Answer: B, D, and C



For interactive and self-paced preparation of exam 1Z0-528, try our practice exams.
Practice exams also include self assessment and reporting features.                                                 9
Explanation:
Following are the four main security options available in Oracle 11g:
1.Advanced Security Option: It is used for the transparent encryption of data and the management of keys.
2.Audit Vault: It is used for monitoring both non-Oracle and Oracle data sources.
3.Enterprise Manager Data Masking Pack: It is used for tuning control over sensitive data.
4.Database Vault: It is used for high granular access restriction and separation of duties.
Answer: A is incorrect. The chain of trust is a technique that is used to confirm that all software (loaded on a
system) are certified as authentic by the system's designers.


Question: 12


Which of the following are the advantages of Oracle Database Vault?
Each correct answer represents a complete solution. Choose all that apply.

A. It disables the separation of duty.
B. It enables the separation of duty.
C. It controls access to database and application data by highly privileged users.
D. It imposes multi-factor authorization by the use of flexible business rules.

                                                                                      Answer: B, C, and D
Explanation:
The advantages of Oracle Database Vault are as follows:
It enhances a user's ability to fulfill the requirements and other policy rules that permit access control and
release of sensitive information.
It controls access to database and application data by highly privileged users.
It enables the separation of duty.
It is validated with PeopleSoft applications.
It imposes multi-factor authorization by the use of flexible business rules.


Question: 13

Andrew works as a Database Administrator for Tech Mart Inc. The company uses Oracle 11g as the database
server. Andrew has been assigned the task to apply a security feature to the database of the organization to
protect the database from insiders. This security feature should also mitigate several security risks. Which of
the following security features should he adopt to accomplish the task?

A. Database Vault
B. Audit Vault
C. Enterprise Data Masking Pack
D. Advanced Security Option

                                                                                           Answer: B

For interactive and self-paced preparation of exam 1Z0-528, try our practice exams.
Practice exams also include self assessment and reporting features.                                                10
Explanation:
Audit Vault is a secure tamper proof Oracle database feature that mitigates many security risks and helps to
protect an organization from insiders. It does not allow alteration or modification of the audit data. It
facilitates audit data analysis, which includes timely detection of policy violations. It only reports from a
single repository at a time.
Answer: A, D, and C are incorrect. Following are the four main security options available in Oracle 11g:
1.Advanced Security Option: It is used for the transparent encryption of data and the management of keys.
2.Audit Vault: It is used for monitoring both non-Oracle and Oracle data sources.
3.Enterprise Manager Data Masking Pack: It is used for tuning control over sensitive data.
4.Database Vault: It is used for high granular access restriction and separation of duties.


Question: 14


Which method should be adopted to retrieve all those rows whose sensitive columns have a null value and
which are restricted by Virtual Private Database security?

A. Transparent Tablespace Encryption
B. Access Control List
C. Transparent Data Encryption
D. Column masking

                                                                                         Answer: D

Explanation:
Column masking is used with the Virtual Private Database to overcome the drawback of Column relevance.
The problem that arises with the column level Virtual Private Database security is that it restricts the rows
that contain data for sensitive columns. Through column masking, the data of all such rows is put on show
where the sensitive columns have a null value. This way, authorized users can access more information, and
only the sensitive information is hidden.
Answer: B is incorrect. Access Control List is used to restrict the allowed target host.
Answer: C is incorrect. Transparent Data Encryption (TDE) is a security feature that secures data in large
objects and tablespaces.
Answer: A is incorrect. Transparent Tablespace Encryption is used to encrypt the entire tablespace.




For interactive and self-paced preparation of exam 1Z0-528, try our practice exams.
Practice exams also include self assessment and reporting features.                                             11
Question: 15



Andrew works as a Database Administrator for Tech Mart Inc. The company uses Oracle 11g as the database
server and deals with the development of various database applications. During such developments,
production data is copied into other non-production environments. This leads to several confidential risks.
Andrew has been assigned the task to minimize the risk of handling such sensitive information. Which pack
of Enterprise Manager should he adopt to accomplish the task?

A. Oracle Data Masking Pack
B. Oracle Change Management Pack
C. Oracle Diagnostic Pack
D. Oracle Configuration Management Pack

                                                                                        Answer: A

Explanation:
Oracle Data Masking Pack is used to reduce the risk of handling important information at the time of testing,
application development, or data analysis when the production data is copied into a non-production
environment. The mask puts back the fictitious data in place of sensitive data, so that the data which is
produced is shared by the IT developers or offshore business partners.
Answer: B is incorrect. Oracle Change Management Pack is used by enterprises for the easy identification of
the impact of upgrades of applications.
Answer: D is incorrect. Oracle Configuration Management Pack is used for the better management of IT
configuration and for the improvement of services.
Answer: C is incorrect. Oracle Diagnostic Pack is used to provide better quality of services through advanced
event notification.




For interactive and self-paced preparation of exam 1Z0-528, try our practice exams.
Practice exams also include self assessment and reporting features.                                             12
Thank You For Trying Our Demo




                                 11g DBA EXAM 1Z0-528
                        Oracle Database 11g Security
                                   Essentials
                       http://www.examsking.com/1Z0-528.html

If you have any questions or difficulties regarding this
product, feel free to contact Us.
For interactive and self-paced preparation of exam 1Z0-528, try our
practice exams. Practice exams also include self assessment and
reporting features!




For interactive and self-paced preparation of exam 1Z0-528, try our practice exams.
Practice exams also include self assessment and reporting features.                   13

				
DOCUMENT INFO
Shared By:
Categories:
Stats:
views:9
posted:4/6/2011
language:English
pages:13
Description: This free ORACLE 1Z0-528 exam study material is provided by Examsking.com. We suggest you to visit the site and see the specific 1Z0-528 product page for more 11G DBA 1Z0-528 preparation related products. All the products are provided with full technical support and money back guarantee.