Roles in Oracle Database

Which two statements are true?

A. A role cannot be assigned external authentication.
B. A role can be granted to other roles.
C. A role can contain both system and object privileges.
D. The predefined resource role includes the unlimited_tablespace privilege.
E. All roles are owned by the sys user.
F. The predefined connect role is always automatically granted to all new users at the time of their creation.

---

Answer:

The correct answers are B and C.

Explanation:

In Oracle Database, a role is a named set of privileges that can be granted to one or more users. Roles allow database administrators to manage privileges more efficiently by grouping related permissions into a single object that can be granted or revoked from users as needed.

Roles in Oracle Database can contain both system privileges, which grant permissions to perform specific actions in the database, and object privileges, which grant permissions on specific database objects, such as tables, views, or procedures.

Roles can also be granted to other roles, allowing for hierarchical management of privileges. This means that a role can inherit the privileges of another role, simplifying the management of permissions in large and complex database environments.

Roles can be created using the CREATE ROLE statement in Oracle Database, and privileges can be granted to roles using the GRANT statement. Once a role has been created and granted appropriate privileges, it can be granted to users using the GRANT statement, and revoked using the REVOKE statement.

Roles are an essential component of database security in Oracle Database, providing a flexible and efficient mechanism for managing user permissions and enforcing access controls. By using roles, administrators can ensure that users have only the privileges they need to perform their work, reducing the risk of accidental or intentional data breaches and improving overall database security.

B is true because a role can be granted to other roles in Oracle Database. This allows for hierarchical role management, where a role can inherit privileges from another role.

C is true because a role in Oracle Database can contain both system and object privileges. System privileges are permissions that allow a user to perform specific actions in the database, while object privileges grant permissions on specific objects in the database, such as tables or views.

A is false because a role can be assigned external authentication in Oracle Database.

D is false because the predefined resource role in Oracle Database does not include the unlimited_tablespace privilege.

E is false because not all roles in Oracle Database are owned by the sys user. Roles can be owned by any user in the database.

F is false because the predefined connect role is not always automatically granted to all new users at the time of their creation in Oracle Database. It depends on the configuration of the database.

Oracle Books
Oracle Certification, Database Administration, SQL, Application, Programming Reference Books

Oracle Application
Oracle Application Hints and Tips

Oracle Home
Oracle Database, SQL, Application, Programming Tips

All the site contents are Copyright © www.erpgreat.com and the content authors. All rights reserved.
All product names are trademarks of their respective companies.
The site www.erpgreat.com is not affiliated with or endorsed by any company listed at this site.
Every effort is made to ensure the content integrity.  Information used on this site is at your own risk.
 The content on this site may not be reproduced or redistributed without the express written permission of
www.erpgreat.com or the content authors.