Page 1

11g DBA EXAM 1Z0-528 Oracle Database 11g Security Essentials

http://www.testcertify.com/1Z0-528.html

Total Questions:

15

For interactive and self-paced preparation of exam 1Z0-528, try our practice exams. http://www.testcertify.com Practice exams also include self assessment and reporting features

1


Question: 1

You have a system installed with Oracle 11g. You are concerned about the security of the database instances in your system. You plan to use Oracle Database Vault to create several components to manage the security of the database instances. Which of the following components can be created using Oracle Database Vault? Each correct answer represents a complete solution. Choose all that apply. A. Realms B. RMAN C. Command rules D. Factors

Answer: A, C, and D Explanation: The components of Oracle Database Vault Access Control are as follows: Realm: It is the efficient collection of database schemas, objects, and roles that have to be secured. Secure application role: It is a unique Oracle Database role that is permitted on the basis of assessment of an Oracle Database Vault rule set. Command Rule: It is a unique rule that can be created to control the way users execute SQL statements, including SELECT, ALTER SYSTEM, database definition language (DDL), and data manipulation language (DML) statement. Factor: It is an attribute or a named variable. It can be a user location, database IP address, or session user, which can be secured and acknowledged by Oracle Database Vault. Rule Set: It is a set of one or more rules that can be related with realm approval, command rule, factors, or a secure application role. Answer: B is incorrect. Recovery Manager (RMAN) is an Oracle utility that is used to manage backup and recovery operations. Recovery Manager can back up database files (data files, control files, and archived redo log files) and restore or recover a database by using a backup. Recovery Manager uses a central information repository called recovery catalog in order to store metadata about backup and recovery operations. However, if a recovery catalog is not created, Recovery Manager uses the target database's (the database that RMAN is backing up or restoring) control file as a repository for storing the information necessary for backup and recovery operations. Recovery Manager can be invoked as a command line utility from the operating system command prompt. However, its few features can also be used through Oracle Enterprise Manager GUI.

Question: 2

Which of the following is NOT a feature of the Data Masking Pack? A. Sophisticated Masking Techniques B. Secure High Performance Mask Execution C. Comprehensive and Extensible Mask Library D. Automated patching for Oracle products and the operating system

Answer: D

For interactive and self-paced preparation of exam 1Z0-528, try our practice exams. http://www.testcertify.com Practice exams also include self assessment and reporting features

2


Explanation: Automated patching for Oracle products and the operating system is NOT a feature of the Data Masking Pack. It is a feature of the Provisioning Pack. Answer: C, A, and B are incorrect. The features of Oracle Data Masking Pack are as follows: Comprehensive and Extensible Mask Library: Oracle Data Masking Pack provides the whole library, which can be extended so as to meet data privacy and application requirements. Sensitive Data Discovery and Referential Integrity: An information security administrator uses the Oracle Data Masking Pack so as to quickly search the database to identify sensitive data. Oracle Data Masking Pack discovers and preserves the referential relationship established between multiple tables that share the same sensitive data. Sophisticated Masking Techniques: Oracle Data Masking Pack provides several masking techniques, such as conditionbased masking, compound masking, and deterministic masking, so that after the process of masking, the application works without any error. Secure High Performance Mask Execution: Before mask execution, Oracle Data Masking Pack does some validation checks so that the mask formats are the same as the data types of the table and there are no errors in the masking process.

Question: 3

Rick works as a Database Administrator in Dolliver Inc. The company uses Oracle 11g on its database server. There is a "customer_detail" table in the database. Rick wants to mask the customer number in the table in such a way that it gets masked to the same value across the entire database. Which masking technique of Data Masking Pack should he apply to accomplish the task? A. Compound masking B. Condition-based masking C. Shuffling D. Deterministic masking

Answer: D Explanation: Following are the sophisticated masking techniques of Oracle Data Masking Pack: Condition-based masking: In this masking technique, various kinds of masks are applied to a similar data set. The data set are selected based on the conditions applied to rows. Compound masking: In this masking technique, those columns that have a certain relationship between them are masked as a group, so that the data that is masked in the related column pertains to the same relationship. Deterministic masking: In this masking technique, consistent masking is done within and across all databases. Answer: C is incorrect. It is the data masking technique in networks.

For interactive and self-paced preparation of exam 1Z0-528, try our practice exams. http://www.testcertify.com Practice exams also include self assessment and reporting features

3


Question: 4

Which of the following options employs labeling concepts used by government and defense organizations to protect sensitive information and to provide data separation? A. Oracle Label Security B. Oracle Database Vault Security C. Oracle Audit Vault Security D. Oracle Advanced Security

Answer: A Explanation: Oracle Label Security makes use of the label theory, which is used by government and defense organizations to preserve sensitive information and to provide data separation. Answer: C is incorrect. Oracle Audit Vault Security is a secure tamper proof Oracle database feature that mitigates many security risks and helps to protect an organization from insiders. Answer: B is incorrect. Oracle Database Vault Security is used for high granular access restriction and separation of duties. Answer: D is incorrect. Oracle Advanced Security is used for the transparent encryption of data and management of keys.

Question: 5

You are a Database Administrator in Dolliver Inc. Oracle 11g is installed as the database server in the company. You want to protect data from privileged users through some preventive controls and also secure the database transparently. Which of the following security options will you adopt to accomplish the task? A. Enterprise Manager Data Masking Pack B. Database Vault C. Audit Vault D. Advanced Security

Answer: B Explanation: Oracle Database Vault is a security option in Oracle 11g that protects applications and sensitive data from privileged users by preventive controls, thus reducing the risk of unauthorized access. It also secures databases transparently, removing costly and time-consuming application changes. A number of access controls are set up so as to implement dynamic and flexible security requirements. Answer: C, A, and D are incorrect. Following are the four main security options available in Oracle 11g: 1.Advanced Security Option: It is used for the transparent encryption of data and the management of keys. 2.Audit Vault: It is used for monitoring both non-Oracle and Oracle data sources. 3.Enterprise Manager Data Masking Pack: It is used for tuning control over sensitive data. 4.Database Vault: It is used for high granular access restriction and separation of duties.

For interactive and self-paced preparation of exam 1Z0-528, try our practice exams. http://www.testcertify.com Practice exams also include self assessment and reporting features

4


Question: 6

Sam works as a Database Administrator for uCertify Inc. The company is using Oracle 11g as the database server. Sam wants to adopt a security feature on the database that enforces the security rules, regardless of the way the data is accessed. Which of the following security features should he adopt to accomplish the task? A. Real Application Cluster (RAC) B. Virtual Private Database (VPD) C. Enhanced security features with execution context D. Label Security

Answer: B Explanation: Virtual Private Database (VPD) is one of the security features of Oracle 11g that couples fine-grained access control with a secure application context. In this feature, the security rules are attached to the data instead of the application which ensures that security rules are enforced regardless of how the data is accessed. It is useful in situations where associated database roles and standard object privileges are not able to meet the application security requirements. Answer: D is incorrect. Label Security is not used for this purpose, as it restricts access to rows in any table that is based on the label of the user requesting the access and the label on the row of the table itself. Answer: A is incorrect. RAC is not used, as it allows a number of instances at different servers to access the same database files. Answer: C is incorrect. It is the security feature of SQL Server.

Question: 7

David works as a Database Administrator for Gentech Inc. The company is using Oracle 11g as the database server. David wants to adapt such a security option that will provide no application changes to the database, built-in key management, and high performance to the database. Which security option should he adopt to accomplish the task? A. Database Vault B. Label Security C. Audit Vault D. Advanced Security Option

Answer: D Explanation: The Oracle Advanced Security Option protects sensitive data on the network or on the backup media from unauthorized users by transparently encrypting the data with no application changes. This option provides high performance to the database and has a built-in key management facility that removes the complexity associated with the key management solution. Answer: A is incorrect. Database Vault protects application data from access by database administrators and any other privileged user. Answer: C is incorrect. Audit Vault detects insider threats and also alerts you about suspicious activity. Answer: B is incorrect. Label Security provides Oracle database sensitivity of consolidated data through multiple databases.

For interactive and self-paced preparation of exam 1Z0-528, try our practice exams. http://www.testcertify.com Practice exams also include self assessment and reporting features

5


Question: 8

You work as a Database Administrator for uCertify Inc. The company uses Oracle 11g on its database server. The server contains a database named "Company_Project_Details". The database is shared among multiple departments of the company for regular updation. Looking at the security issues of the database, you have been assigned the task to apply some security solution to the database. To accomplish the task, you plan to apply Database Label Security on this database. Which of the following components of the Database Label Security should you apply in order to secure this database? Each correct answer represents a complete solution. Choose all that apply. A. Compartments B. Source database C. Levels D. Groups

Answer: C, A, and D Explanation: The components of Oracle Database Label Security are as follows: Levels: It is a hierarchical component that denotes data sensitivity. Every individual data label should have a level. The levels can be confidential, sensitive, and highly sensitive. Compartments: It is a non-hierarchical component, which is sometimes referred to as category. It is an optional component. To compartmentalize data, one or more compartments are defined for a specific type of data, knowledge area, or project that requires special approval. Groups: It is very similar to compartment with a few exceptions and is also an optional component. It is used to segregate data by organization. Answer: B is incorrect. It is a component of Audit Vault from which data is collected.

Question: 9

Which of the following components of Oracle Database Vault is a Java application that is built on top of the Oracle Database Vault PL/SQL application programming interfaces (API)? A. Oracle Database Vault Administrator (DVA) B. Oracle Database Vault Access Control Components C. Oracle Database Vault DVSYS and DVF Schemas D. Oracle Database Vault Reporting and Monitoring Tools

Answer: A

For interactive and self-paced preparation of exam 1Z0-528, try our practice exams. http://www.testcertify.com Practice exams also include self assessment and reporting features

6


Explanation: The components of Oracle Database Vault (ODV) are as follows: Oracle Database Vault Access Control Components: These enable a user to create a number of components for the database instance security management. Oracle Database Vault Administrator (DVA): It is a Java application built on top of the Oracle Database Vault PL/SQL application programming interfaces (API). Oracle Database Vault Configuration Assistant (DVCA): It is used to perform maintenance tasks on the Oracle Database Vault installation for which it uses the command-line utility. Oracle Database Vault DVSYS and DVF Schemas: DVSYS and DVF are schemas provided by ODV. Oracle Database Vault PL/SQL Interfaces and Packages: PL/SQL interfaces and packages are provided by ODV. These allow security managers or application developers to configure the required access control policy. Oracle Database Vault and Oracle Label Security PL/SQL APIs: The access control capabilities provided by ODV is integrated with Oracle Label Security which in turn provides a collection of PL/SQL APIs. Oracle Database Vault Reporting and Monitoring Tools: These tools are used to generate reports on the number of activities monitored by ODV.

Question: 10

Sam works as a Database Administrator for Gentech Inc. The company is using Oracle 11g as the database server. Sam wants to protect the company's data by encrypting the physical data files created on the operating system. Which of the following types of encryption should he use to accomplish the task? A. Network encryption B. Transparent Data Encryption (TDE) for tablespace C. Transparent Data Encryption (TDE) for securefiles D. Transparent Data Encryption (TDE) for column

Answer: B

Explanation: Transparent tablespace encryption is used to encrypt not only the columns or rows but the whole tablespace. So all the data that is put into the tablespace (including transportable tablespaces, backups, and so on) gets automatically encrypted, making it easier to see that all relevant data is encrypted. It is also used to encrypt the physical data files created on the operating system. Answer: D is incorrect. It is used to encrypt important data that is written in the application table columns. Answer: C is incorrect. It is used to perform block-level encryption of LOB contents. Answer: A is incorrect. It is used to encrypt data that is traveling across the network between the database and client or mid-tier applications.

For interactive and self-paced preparation of exam 1Z0-528, try our practice exams. http://www.testcertify.com Practice exams also include self assessment and reporting features

7


Question: 11

David works as a Database Administrator for uCertify Inc. The company is using Oracle 11g as the database server. David wants to adopt security options so as to protect the database of the company. Which of the following security options should he adopt to accomplish the task? Each correct answer represents a complete solution. Choose all that apply. A. Chain of trust B. Database Vault C. Audit Vault D. Advanced Security Option

Answer: B, D, and C Explanation: Following are the four main security options available in Oracle 11g: 1.Advanced Security Option: It is used for the transparent encryption of data and the management of keys. 2.Audit Vault: It is used for monitoring both non-Oracle and Oracle data sources. 3.Enterprise Manager Data Masking Pack: It is used for tuning control over sensitive data. 4.Database Vault: It is used for high granular access restriction and separation of duties. Answer: A is incorrect. The chain of trust is a technique that is used to confirm that all software (loaded on a system) are certified as authentic by the system's designers.

Question: 12

Which of the following are the advantages of Oracle Database Vault? Each correct answer represents a complete solution. Choose all that apply. A. It disables the separation of duty. B. It enables the separation of duty. C. It controls access to database and application data by highly privileged users. D. It imposes multi-factor authorization by the use of flexible business rules.

Answer: B, C, and D Explanation: The advantages of Oracle Database Vault are as follows: It enhances a user's ability to fulfill the requirements and other policy rules that permit access control and release of sensitive information. It controls access to database and application data by highly privileged users. It enables the separation of duty. It is validated with PeopleSoft applications. It imposes multi-factor authorization by the use of flexible business rules.

For interactive and self-paced preparation of exam 1Z0-528, try our practice exams. http://www.testcertify.com Practice exams also include self assessment and reporting features

8


Question: 13

Andrew works as a Database Administrator for Tech Mart Inc. The company uses Oracle 11g as the database server. Andrew has been assigned the task to apply a security feature to the database of the organization to protect the database from insiders. This security feature should also mitigate several security risks. Which of the following security features should he adopt to accomplish the task? A. Database Vault B. Audit Vault C. Enterprise Data Masking Pack D. Advanced Security Option

Answer: B Explanation: Audit Vault is a secure tamper proof Oracle database feature that mitigates many security risks and helps to protect an organization from insiders. It does not allow alteration or modification of the audit data. It facilitates audit data analysis, which includes timely detection of policy violations. It only reports from a single repository at a time. Answer: A, D, and C are incorrect. Following are the four main security options available in Oracle 11g: 1.Advanced Security Option: It is used for the transparent encryption of data and the management of keys. 2.Audit Vault: It is used for monitoring both non-Oracle and Oracle data sources. 3.Enterprise Manager Data Masking Pack: It is used for tuning control over sensitive data. 4.Database Vault: It is used for high granular access restriction and separation of duties.

Question: 14

Which method should be adopted to retrieve all those rows whose sensitive columns have a null value and which are restricted by Virtual Private Database security? A. Transparent Tablespace Encryption B. Access Control List C. Transparent Data Encryption D. Column masking

Answer: D Explanation: Column masking is used with the Virtual Private Database to overcome the drawback of Column relevance. The problem that arises with the column level Virtual Private Database security is that it restricts the rows that contain data for sensitive columns. Through column masking, the data of all such rows is put on show where the sensitive columns have a null value. This way, authorized users can access more information, and only the sensitive information is hidden. Answer: B is incorrect. Access Control List is used to restrict the allowed target host. Answer: C is incorrect. Transparent Data Encryption (TDE) is a security feature that secures data in large objects and tablespaces. Answer: A is incorrect. Transparent Tablespace Encryption is used to encrypt the entire tablespace.

For interactive and self-paced preparation of exam 1Z0-528, try our practice exams. http://www.testcertify.com Practice exams also include self assessment and reporting features

9


Question: 15

Andrew works as a Database Administrator for Tech Mart Inc. The company uses Oracle 11g as the database server and deals with the development of various database applications. During such developments, production data is copied into other non-production environments. This leads to several confidential risks. Andrew has been assigned the task to minimize the risk of handling such sensitive information. Which pack of Enterprise Manager should he adopt to accomplish the task? A. Oracle Data Masking Pack B. Oracle Change Management Pack C. Oracle Diagnostic Pack D. Oracle Configuration Management Pack

Answer: A Explanation: Oracle Data Masking Pack is used to reduce the risk of handling important information at the time of testing, application development, or data analysis when the production data is copied into a non-production environment. The mask puts back the fictitious data in place of sensitive data, so that the data which is produced is shared by the IT developers or offshore business partners. Answer: B is incorrect. Oracle Change Management Pack is used by enterprises for the easy identification of the impact of upgrades of applications. Answer: D is incorrect. Oracle Configuration Management Pack is used for the better management of IT configuration and for the improvement of services. Answer: C is incorrect. Oracle Diagnostic Pack is used to provide better quality of services through advanced event notification.

For interactive and self-paced preparation of exam 1Z0-528, try our practice exams. http://www.testcertify.com Practice exams also include self assessment and reporting features

10


Thank You for Trying Our Demo

11g DBA EXAM 1Z0-528 Oracle Database 11g Security Essentials

http://www.testcertify.com/1Z0-528.html

If you have any questions or difficulties regarding this product, feel free to contact Us.

For interactive and self-paced preparation of exam 1Z0-528, try our practice exams. Practice exams also include self assessment and reporting features!

For interactive and self-paced preparation of exam 1Z0-528, try our practice exams. http://www.testcertify.com Practice exams also include self assessment and reporting features

11

Free ORACLE 1Z0-528 Practice Test  

For more and updated 1Z0-528 exam Practice Test visit http://www.testcertify.com. They provide guaranteed 1Z0-528 Practice Test to pass 1Z0-...

Read more
Read more
Similar to
Popular now
Just for you