• Home
  • Articles
  • A fully updated 2023 1Z0-116 Exam Dumps exam guide from training expert 2Pass4sure [Q15-Q33]

A fully updated 2023 1Z0-116 Exam Dumps exam guide from training expert 2Pass4sure [Q15-Q33]

Share

A fully updated 2023 1Z0-116 Exam Dumps exam guide from training expert 2Pass4sure

Provides complete coverage of every objective on exam and exam preparation 1Z0-116


The Oracle 1z1-116 exam, also known as the Oracle Database Security Administration exam, is a certification exam that tests the knowledge and skills of professionals in securing Oracle databases. The exam is designed for individuals who are responsible for planning, implementing, and managing security measures for Oracle databases. The 1z1-116 exam covers a wide range of topics, including database security architecture, data encryption, access control, auditing, and compliance.


The Oracle 1z1-116 certification exam is a valuable credential for professionals who want to demonstrate their knowledge and expertise in database security administration. By passing the exam, candidates can enhance their career prospects, increase their earning potential, and gain recognition as experts in the field. With the right preparation and experience, anyone can earn this certification and take their career to the next level.

 

NEW QUESTION # 15
Examine this statement and its result:

You issue this statement and then restart the database instance:

Which Is true about generated audit records?

  • A. They now Include all application context attribute values.
  • B. Information is now populated in auds .commentstext.
  • C. They now Include SQL statements and any bind variables.
  • D. They are now written to XML files as well as the database.

Answer: A


NEW QUESTION # 16
Which two commands can a user with the syskm privilege execute?

  • A. SELECT * FROM DBA_OBJECTS;
  • B. ALTER TABLESPACE APPDATA ENCRYPTION OFFLINE ENCRYPT;
  • C. ALTER SYSTEM FLUSH PASSWORDFILE_METADATA_CACHE;
  • D. ALTER DATABASE DICTIONARY REKEY CREDENTIALS;
  • E. SELECT * FROM DBA_TABLESPACES WHERE ENCRYPTED = 'YES*;
  • F. ADMINISTER KEY MANAGEMENT SET KFYSTOBF OPEN IDENTIFIED BY password:

Answer: A,E


NEW QUESTION # 17
Examine this code which executes successfully:

If the IN_OFFICE_ON_WEEKEND rule set returns true for an attempt to connect from Inside the office on weekends, which two are true about the effects of this configuration?

  • A. TOM can never connect.
  • B. JIM con never connect.
  • C. This has no effect on tom's connect attempts.
  • D. This has no effect on JIM'S connection attempts.
  • E. JIM can only connect when In the office on weekends.

Answer: B,E


NEW QUESTION # 18
You grant user JANE the SYSDBA administrative privilege. Which two are true?

  • A. User JANE must always connect as SYSDBA to the database instance.
  • B. User JANE can grant SYSDBA privilege to roles.
  • C. User JANE acquires the DBA role by default.
  • D. User JANE must use operating system authentication.
  • E. User JANE can create objects In sys schema only when connected as SYSDBA.
  • F. User JANE can backup and recover the database.

Answer: E


NEW QUESTION # 19
You export and Import a table's data using Data Pump connected as a user who Is assigned DBA role with default privileges.
There is a data redaction policy on the table.
Which two statements are true about the redaction policy?

  • A. The actual data in the tables is copied to the Data Pump target system without being redacted.
  • B. The policy Is Included In the export and Import operation but is not applied by default to the objects In the target system.
  • C. The policy Is not Included In export and Import operation.
  • D. The actual data in the tables is copied to the Data Pump target system with the redaction policy applied.
  • E. The policy is included in the export and import operation and applied by default to the objects in the target system.

Answer: A,C


NEW QUESTION # 20
Examine this command:

What masking definitions does it list?

  • A. All with the name credit and the commands to deploy them on a database with the name test.
  • B. All with the name credit and created on databases with name starting with teat.
  • C. All with the name credit and the commands to deploy them on all databases with names starting with test.
  • D. All with names starting with credit and created on any database.
  • E. All with names starting with credit and created on databases with names starting with test.

Answer: B


NEW QUESTION # 21
Database Vault Is configured and enabled In the Oracle database.
Three users are granted the dba, dv_omneb, and dv_acctmgb roles.
There is a requirement to create a user who can:
1. Connect to the database Instance
2. Select from dictionary views
Which users can complete the operation to meet the requirement?

  • A. users granted DV_ACCTMGR and DBA roles
  • B. users granted DV_ACCTMGR and DV_OWNER roles
  • C. users granted DBA and DV_OWNER roles
  • D. users granted DV_OWNER role

Answer: A


NEW QUESTION # 22
You must rekey encrypted sensitive credential data In your database.
You run the command alter database dictionary rekey credentials.
Which three options ate true about the bkkey process?

  • A. Both sys. links and sys . SCHEDULER_CREDENTIAL tables are rekeyed.
  • B. The credential data encryption process does not de-obfuscate the obfuscated passwords before re-encrypts begin.
  • C. The rekey process only applies to the SYS.SCHEDULES$ credential table.
  • D. The process of rekeylng does not automatically open the keystore.
  • E. The rekey process only applies to the sys.ltnks CREDENTUIALS table.
  • F. Credential Data Is automatically encrypted using aes2S6.
  • G. The rekey process prompts the user to provide a new key algorithm If needed.

Answer: B,C,E


NEW QUESTION # 23
Which two configurations can be used to protect sensitive data In a database?

  • A. creating a procedure that defines the VPD restrictions in a VPD policy
  • B. enforcing row-level security at the table level
  • C. collecting sensitive data Information with Database Security Assessment Tool (DBSAT)
  • D. setting the SQL92_SECURITy initialization parameter to false
  • E. enabling salt tor an encrypted column
  • F. enforcing row-level security at the database level

Answer: A,F


NEW QUESTION # 24
To avoid hard coding passwords in scripts, you have elected to create an external password store-Examine this list of steps:
1. Set the external password store wallet location.
ALTER SYSTEM SET EXTERNAL_KEYSTORE_CREDENTIAL_LOCATION = "/*tc/ORACLE/WALLETS/orcl/external_Btore" SCOPE c SPFILE;
2. Log in as a user who has syskm privileges.
3. Create an auto-logln keystore that contains the keystore password including the add secret clause.
ADMINISTER KEY MANAGEMENT ADD SECRET 'password'
FOR CLIENT 'TDE_WALLET'
TO LOCAL AUTO_LOGIH KEYSTORE '/etc/0RACLE/WALLETS/orcl/extemal_store';
4. Restart the database instance as sysdba.
SHUTDOWN IMMEDIATE STARTUP
5. Create an auto-logln keystore that contains the keystore password.
ADMINISTER KEY MANAGEMENT
FOR CLIENT 'TDE_WALLET'
TO LOCAL AUTO_L0GIN KEYSTORE ' /etc/ORACLE/WALLETS/orcl/external_store' ;
6. Set an Encryption Key.
ADMINISTER KEY MANAGEMENT SET ENCRYPTION KEY IDENTIFIED BY keystore_password WITH BACKUP Identify the minimum number of steps in the correct order that must be performed to create the external password store.

  • A. 1,2,6,3,5
  • B. 1,2,5,4
  • C. 2,1,3,4
  • D. 1,2,3,4
  • E. 2,3,6,4
  • F. 1,2,3,6,4

Answer: A


NEW QUESTION # 25
Database Vault realm r protects all tables In the fin schema from DBA access User fin is configured as the owner in realm R.
You must also prevent access to realm r protected tables by user FIN. Which achieves this?

  • A. Revoke the select any table privilege from user FIN.
  • B. Remove the owner authorization of user fin in realm R.
  • C. Make realm R a mandatory realm.
  • D. Make user FIN participant In realm r. Instead of owner.

Answer: D


NEW QUESTION # 26
You configured Kerberos authentication for databases running on servers A and B.
However a database link connecting the database on server A to the database on server B fails with ORA-12638 Credential retrieval failed.
Where must you make a change to sqlnet.ora to allow the database link to use its stored credentials Instead of trying to use Kerberos?

  • A. on server side of server B
  • B. on client side of server A
  • C. on server side of server A
  • D. on client side of server B

Answer: B


NEW QUESTION # 27
Which type of masking directly masks and subsets data In a nonproduction database with minimal or no Impact on production environments?

  • A. In-export
  • B. in-database
  • C. conditional format
  • D. deterministic
  • E. heterogeneous

Answer: B

Explanation:
In-Database
In-Database mode directly masks and subsets the data within a non-production database with minimal or no impact on production environments. Since the In-Database masking and subsetting mode permanently changes the data in a database, it is strongly recommended to use this mode for non-production environments such as staging, test, and development databases rather than using it on production databases.
https://docs.oracle.com/database/121/DMKSB/intro.htm#DMKSB-GUID-F949A83E-3C01-45B5-9BAF-9940BB140AA0


NEW QUESTION # 28
If a column is not specified in a Data Redaction Policy, to which column(s) is it applied?

  • A. columns with any type of constraint
  • B. the primary key column only
  • C. the primary and foreign key columns
  • D. none of the columns
  • E. foreign key columns only

Answer: C


NEW QUESTION # 29
Which two are true about Database Privilege Analysis?

  • A. It must have the Database Vault option enabled.
  • B. If a privilege is captured during run time, it is saved under the run-time capture name.
  • C. It cannot be used to capture the privileges that have been exercised on precompiled database objects.
  • D. It can be used after you install the Oracle Database without any additional database configuration steps.
  • E. Privilege analysis data for dropped objects are kept.
  • F. It shows the grant paths to the privileges and suggests which grant path to keep.

Answer: D,F


NEW QUESTION # 30
Examine this command that Is executed:

What is the result?

  • A. The bind variables for the salary column are masked In trace files and vS views.
  • B. The salary column is redacted when queried by database users.
  • C. The salary column is fine grain audited.
  • D. The salary column is nullified when queried by the database users.
  • E. The salary column is encrypted using TDE column encryption.

Answer: B


NEW QUESTION # 31
Which two authorization rights does a Database Vault realm owner have that a realm participant does not have?

  • A. Grant or revoke realm-secured database roles.
  • B. Add or remove realm-protected objects to or from the reaim.
  • C. Add or remove realm-secured database roles to or from the realm.
  • D. Grant or revoke privileges on realm-protected objects to or from other users.
  • E. Add or remove owners to or from the realm.
  • F. Grant or revoke system privileges to access objects protected by the realm.
  • G. Add or remove participants to or from the realm.

Answer: C,F


NEW QUESTION # 32
Which two does the master key encrypt with Transparent Data Encryption?

  • A. encrypted column keys
  • B. encrypted tablespaces
  • C. temporary segments
  • D. encryption wallet
  • E. encrypted columns
  • F. encrypted tablespace keys

Answer: C,D


NEW QUESTION # 33
......

Tested Material Used To 1Z0-116: https://endexam.2pass4sure.com/Oracle-Database-Security/1Z0-116-actual-exam-braindumps.html

Related Articles

more
Oracle 1Z0-116 Certification Practice Exam