Term
| What methods available to prevent illegal access? |
|
Definition
Limit privileges to access date
Use operating-system authentication
Support third-party security software |
|
|
Term
| What syntax is used to Create an account? |
|
Definition
created by using the command
CREATE USER username
IDENTIFIED EXTERNALLY; |
|
|
Term
| authenticated user means ... |
|
Definition
| The user has a valid account and provided the correct password. |
|
|
Term
| Creating user accounts and granting privileges are generally performed by.. |
|
Definition
|
|
Term
| a user name can contain... |
|
Definition
| up to 30 characters, including numbers letters, and the symbols _,$, and #. |
|
|
Term
| What phrase is used to create the password? |
|
Definition
|
|
Term
|
Definition
| can be changed by the user. |
|
|
Term
| To create an account for a new employee use this syntax. |
|
Definition
CREATE USER dmeyerholz
IDENTIFIED BY little25car |
|
|
Term
| Syntax to connect to the Oracle Server |
|
Definition
CONNECT username/password@connectstring
(the connectstring is not required on a personal edition, but is required on the Enterprise or Standard editions. |
|
|
Term
| Two types of Granting privileges |
|
Definition
System privileges
Object privileges |
|
|
Term
| What are the Object Privileges? |
|
Definition
| SELECT, INSERT, UPDATE, DELETE, INDEX, ALTER, REFERENCES. |
|
|
Term
| What is the difference between system and object privileges? |
|
Definition
| System privileges allow access to the Oracle9i database and let users perform DDL operations such as CREATE, ALTER, and DROP on database objects.
Object privileges allow users to perform DML operations on the data contained within the database objects. |
|
|
Term
| How many object privileges are in Oracle 9i? |
|
Definition
|
|
Term
| How are object privileges assigned? |
|
Definition
|
|
Term
| What is the syntax for a GRANT command? |
|
Definition
GRANT {objectprivilege\ALL} [columname) objectprivilege(columname)]
ON ojectname
TO {username|rolename|PUBLIC}
[WITH GRANT OPTION]; |
|
|
Term
| What does the grant clause identify? |
|
Definition
| The object privilege(s) being assigned. The INSERT, UPDATE, and REFERENCES privileges can also be assigned to specific columns with a table or view. |
|
|
Term
| What are some rules for when object privilege is being assigned to a specifc column? |
|
Definition
| The column name should be included in the GRANT clause, within parenthese, after the privilege name. |
|
|
Term
| When is the ALL keyword used? |
|
Definition
| to indicate that all object privileges are to be granted. (e.g., SELECT, INSERT, UPDATE, and DELETE) |
|
|
Term
| Why should you be careful about using the ALL keyword? |
|
Definition
| Granting users all available object privileges will provide them with the ability to perform any DML operation on the named object. |
|
|
Term
| What does the TO clause identify? |
|
Definition
| The user or role receiving the privilege. |
|
|
Term
| How do multiple users receive privileges from the same GRANT command? |
|
Definition
| by providing the names in a list, separated by commas. |
|
|
Term
| What does the ON clause identify? |
|
Definition
| the object to which the privilege(s) applies |
|
|
Term
| What does the WITH GRANT OPTION give the user? |
|
Definition
| The ability to grant the same object privileges they have to other users. |
|
|
Term
| When can the WITH GRANT OPTION not be used? |
|
Definition
| When granting object privileges to roles: it only applies to individual users. |
|
|
Term
| Approximately how many system privileges are available in Oracle9i? |
|
Definition
|
|
Term
| What does system privileges provide? |
|
Definition
| The ability to create, alter, and drop tables, views, and other database objects. |
|
|
Term
| How can object privileges be granted as system privileges? |
|
Definition
| If the keyword ANY is used. |
|
|
Term
| What does the command INSERT ANY TABLE allow the user to do? |
|
Definition
| To add rows to any table, regardless of whether he or she owns the table or has explicit persmission to acces that particular table. |
|
|
Term
| A user must have what privilege to connect Oracle 9i? |
|
Definition
|
|
Term
| What is the request to view all the system privileges available through the data dictionary? |
|
Definition
|
|
Term
| what is the GRANT command to give system privileges? |
|
Definition
| GRANT systemprivilege [,systemprivilege,...] |
|
|
Term
| How do you grant more than one system privilege? |
|
Definition
| Commas separate the privileges listed. |
|
|
Term
| Why is the ON clause not included when assigning system privileges? |
|
Definition
| Because a system privilege is not granted fro a partular database object. |
|
|
Term
| What is the WITH ADMIN OPTION used for? |
|
Definition
| It allows any user or role identified in the TO clause to grant the system privilege(s) to any other database user(s). |
|
|
Term
| What is the order for deploying GRANT commands? |
|
Definition
Grant create session
GRANT object privileges (ex. GRANT SELECT TO rthomas) |
|
|
Term
| Changing a User Password can be done by using what command? |
|
Definition
|
|
Term
| What can the DBA set the current password as that will force the user to change the password? |
|
Definition
PASSWORD EXPIRE
EX. ALTER USER rthomas
PASSWORD EXPIRE; |
|
|
Term
| What clause can the user use to change the current password? |
|
Definition
|
|
Term
| What command makes the current passwrod expire immediately? |
|
Definition
|
|
Term
| Who can issue an ALTER USER command? |
|
Definition
| the account owner or anyone with the ALTER USER system privilege. |
|
|
Term
|
Definition
| a group, or collection, of privileges. |
|
|
Term
| What must be done before assigning privileges to a role? |
|
Definition
| It must be created using the CREATE ROLE command |
|
|
Term
| When can you grant system or object privileges to a role? |
|
Definition
| After the role has been created. |
|
|
Term
| What is the only exception togranting privileges directly to a role? |
|
Definition
| An object privilege cannot be granted to a role with the WITH GRANT OPTION. |
|
|
Term
| When can roles be assigned to users? |
|
Definition
| After all the privileges have been assigned to the role. Use the TO clause. |
|
|
Term
| What does DBA predefined role in Oracle 9i provide |
|
Definition
| Users other than the actual database admiinistrator can casue major projblems if incorrect commands are issued. |
|
|
Term
| What privileges should a default role consist of? |
|
Definition
| Only those privileges the user will frequently need. |
|
|
Term
| When should other roles be used? |
|
Definition
| When other privileges are need than can be assumed when necessary., |
|
|
Term
| What command is used to to assign a default role to a user? |
|
Definition
| ALTER USER username DEFAULT ROLE rolename; |
|
|
Term
| How does a user assume a different role after connecting to the database? |
|
Definition
The user can issue a SET ROLE COMMAND
SET ROLE rolename; |
|
|
Term
| How can a password be assigned to role? |
|
Definition
| use the command ALTER ROLE rolename IDENTIFIED BY password; |
|
|
Term
| When will a password not be required for roles? |
|
Definition
| When the role has been assigned as a default. It is only required when the SET ROLE command is issued. |
|
|
Term
| What data dictionary view lists all system privileges that have been granted to roles? |
|
Definition
|
|
Term
| What is the quickest way to determine exactly which privileges are currently enabled for a user? |
|
Definition
|
|
Term
| What does the UNLIMITED TABLESPACE privilege mean? |
|
Definition
| that the storage space assigned to the user for database objects is not limited to a maximum size. |
|
|
Term
| What command can remove privileges to a user or role? |
|
Definition
|
|
Term
| What can the REVOKE command remove? |
|
Definition
| system privileges, object privileges, roles. |
|
|
Term
| When does revoking a system privilege have no cascading effect on other users? |
|
Definition
| When the WITH ADMIN OPTION was used |
|
|
Term
| How can you change the spelling of a users name? |
|
Definition
| You will need to delete the existing account ad recreate the account. |
|
|
