The flashcards below were created by user
Tralala
on FreezingBlue Flashcards.
-
What are the new administrative groups?
-
What is the new administrative system privilege for backups?
SYSBACKUP
-
What is the new administrative system privilege for dataguard?
SYSDG
-
What is the new administrative system privilege for TDE?
SYSKM
-
I run this command, connect / as sysbackup. Who am I connect as?
- SYSBACKUP
- This is the same for SYSDG and SYSKM
-
What is the purpose of the SYSBACKUP user?
- To perform RMAN backup, restore and recover tasks
- connect / as sysbackup
-
When running connect / as sysbackup|sysdg|syskm, as which user are we connecting?
As sysbackup sysdg syskm respectivley
-
What can SYSBACKUP privilege do?
- Create and drop a database
- Create a control file
- Change the archivelog mode
- Flashback the database
- Create an SPFILE/PFILE
- Manage restore points
- Start up and shut down the database
-
What can SYSDG privilege do?
- Start up and shut down the database
- Manage restore points
- Flash back the database
- Run DGMGRL
- Start the observer
- Enable an application to request immediate invocation for fast-start failover
-
What can SYSKM privilege do?
- Create, open, and close key stores
- Create and change the master key for encryption
- Manage encryption keys for column and tablespace encryption
-
What is the purpose of the SYSDG user?
- To perform Data Guard backup tasks
- connect / as sysdg
-
What is the purpose of the SYSKM user?
- To manage TDE key store operations
- connect / as syskm
-
What are the new OS administrative groups?
-
What changes have been made to the password file?
Support for SYSBACKUP, SYSDG, SYSKM
-
Using orapwd, what does INPUT_FILE allow?
To convert a legacy password file to a 12c format password file
-
Using orapwd, what does FORMAT do?
- LEGACY: creates a file in pre 12c format not supporting SYSBACKUP SYSDG
- SYSKM
- 12c: creates a 12c format file which supports SYSBACKUP SYSDG SYSKM
-
Using orapwd, what does FORCE=y do?
Replaces a existing file of the same name
-
Using orapwd, what can SYSBACKUP, SYSDG, SYSKM be set to?
Y or N
-
What pre 12c administrative roles are preserved
SYSDBA and SYSASM
-
If using dgmgrl, as which privilege is the user logged in as?
SYSDG
-
If user has SYSBACKUP but is not part of the OSBACKUP group and the user attempts an OS authenticated connection, what happens?
The connection fails
-
Which view shows users configured in the password file and their associated privileges?
V$PWFILE_USERS
-
What is Privilege Analysis?
To analyze privileges given to users and which of those privileges are used
-
What package is used in Privilege Analysis?
DBMS_PRIVILEGE_CAPTURE
-
In order to use DBMS_PRIVILEGE_CAPTURE, what role is required?
CAPTURE_ADMIN
-
Summarise Privilege Analysis
- Create a pivilege analysis policy based on a type of privilege analysis.
- Enable the policy policy (ie start analysis, collect data)
- Disable the policy policy (ie stop analysis)
- Generate report an used and unused privileges
- Drop privileges based on the report
- Drop the report
-
What types of Privilege Analysis are possible?
- Database G_DATABASE
- Role G_ROLE
- Context-Specific G_CONTEXT
- Role and Context-Specific G_ROLE_CONTEXT
-
How many Privilege Analysis can be enabled simultaneously?
- One
- or
- Database and one other none database
-
In Privilege Analysis, what can't be analyzed?
SYS users privileges
-
What procedure is used to create a Privilege Analysis
DBMS_PRIVILEGE_CAPTURE.CREATE_CAPTURE
-
Which view shows Privilege Analysis policies to be captured?
DBA_PRIV_CAPTURES
-
In Privilege Analysis, what is a Privilege-Based Policy?
- One that captures all the privileges granted in the database, except SYS
- type => dbms_privilege_capture.g_database
- This is the default type of policy
-
In Privilege Analysis, what is a Role-Based Policy
- One that captures all the privileges granted to a role
- type => dbms_privilege_capture.g_role
-
In Privilege Analysis, what is a Condition-Based Policy
- One that captures all privileges based on a condition
- Typically a username
- type => dbms_privilege_capture.g_context
- condition => 'SYS_CONTEXT(''USERENV'',''SESSION_USER'')=''HE'''
-
In Privilege Analysis, what is a Role and Condition-Based Policy
Same as a Condition-Based Policy but filters with a role(s)
-
How is a Privilege Analysis started?
DBMS_PRIVILEGE_CAPTURE.ENABLE_CAPTURE(name => 'MYPOL1')
-
How is a Privilege Analysis ended?
DBMS_PRIVILEGE_CAPTURE.DISABLE_CAPTURE(name => 'MYPOL1')
-
How is a Privilege Analysis policy removed?
- DBMS_PRIVILEGE_CAPTURE.DISABLE_CAPTURE(name => 'MYPOL1')
- DBMS_PRIVILEGE_CAPTURE.DROP_CAPTURE(name => 'MYPOL1')
-
How is a Privilege Analysis report created?
DBMS_PRIVILEGE_CAPTURE.GENERATE_RESULT(name => 'MYPOL1')
-
Which view shows the SYSTEM and OBJECT privileges used in Privilege Analysis
- DBA_USED_SYSPRIVS
- DBA_USED_OBJPRIVS
-
Which view shows the SYSTEM and OBJECT privileges not used in Privilege Analysis
DBA_USED_PRIVS
-
Using orapwd, what does FORMAT LEGACY not allow?
Use of SYSBACKUP, SYSDG, SYSKM
|
|