A. FGA is an extension of FGAC.
B. FGAC prohibits access by row; FGA enables access by row.
C. Both use Application Context, but only FGAC can use the Secure Application role.
D. FGA tracks when sensitive rows have been accessed; FGAC prevents access to sensitive rows.
Answer: D
Explanation:
Prior to Oracle9i, value-based auditing was possible with before and after triggers for the INSERT, UPDATE, and DELETE operations. Oracle9i extended the concept of the finegrained access to the auditing functions to enable you to audit SELECT operations. FGA can audit attempts to access information even if the information itself was not accessed.
Incorrect Answers
A: FGA is not an extension of FGAC.
B: FGAC and FGA do not prohibits or enables access by row. FGA specifically audit just the successful operations or the unsuccessful operations.
C: FGA can use the Secure Application role also.
OCP Oracle9i Database: New Features for Administrators, Daniel Benjamin, p. 21-22
Chapter 1: Security Enhancements
Oracle 9i New Features, Robert Freeman, p. 132-139
Chapter 5: Miscellaneous Oracle9i Features and Enhancements
No comments:
Post a Comment