ExamTopics Logo
Mail Us[email protected]
Menu
Oracle Discussions
exam questions

Exam 1z0-062 All Questions

View all questions & answers for the 1z0-062 exam
Go to Exam

Exam 1z0-062 topic 1 question 107 discussion

Actual exam question from Oracle's 1z0-062
Question #: 107
Topic #: 1
[All 1z0-062 Questions]

A redaction policy was added to the SAL column of the SCOTT.EMP table:

All users have their default set of system privileges.
For which three situations will data not be redacted? (Choose three.)

  • A. SYS sessions, regardless of the roles that are set in the session
  • B. SYSTEM sessions, regardless of the roles that are set in the session
  • C. SCOTT sessions, only if the MGR role is set in the session
  • D. SCOTT sessions, only if the MGR role is granted to SCOTT
  • E. SCOTT sessions, because he is the owner of the table
  • F. SYSTEM session, only if the MGR role is set in the session
Show Suggested Answer Hide Answer
Suggested Answer: ABD 🗳️
by melat at July 29, 2020, 9:28 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Ray520
3 years, 4 months ago
SYS and SYSTEM users can always bypass any existing Oracle Data Redaction policies, and will always be able to view data from tables (or views) that have Data Redaction policies defined on them. A role cannot be granted to session unless the user that created the session has that role assigned to it. So, option D is correct. reference: https://docs.oracle.com/database/121/ASOAG/security-considerations-for-using-oracle-data-redaction.htm#ASOAG10536
upvoted 1 times
...
lollo1234
4 years, 2 months ago
I think ABC: The following example queries the SESSION_ROLES data dictionary view to show that RESOURCE is the only role currently enabled for the session. It then uses the SYS_CONTEXT function to show that the RESOURCE role is currently enabled for the session and the DBA role is not. Ref: https://docs.oracle.com/database/121/SQLRF/functions199.htm#SQLRF06117
upvoted 2 times
jackymak
3 years, 3 months ago
SYS_SESSION_ROLES - Indicates whether a specified role is currently "enabled" for the session. This namespace is available starting with Oracle Database 11g Release 2 (11.2.0.4).
upvoted 1 times
...
...
melat
5 years ago
ABD: https://docs.oracle.com/database/121/ASOAG/security-considerations-for-using-oracle-data-redaction.htm#ASOAG10536
upvoted 4 times
jackymak
3 years, 5 months ago
If so, I will prefer ABC. For C, the session is set to MGR that mean the user already granted the MGR role. But D, the user has only granted the role, which can owned and not using.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel