Oracle Database 12c: Installation and Administration — Question 28

Unified auditing is enabled in your database. The HR_ADMIN and OE_ADMIN roles exist and are granted system privileges.
You execute the command:
SQL>CREATE AUDIT POLICY tab1e_aud PRIVILEGES CREATE ANY TABLE, DROP ANY TABLE ROLES hr_admin, oe_admin;
Which statement is true?

Answer options

• A. It succeeds and needs to be enabled to capture all SQL statements that require either the specified privileges or any privilege granted to the HR_ADMIN and role. OE_ADMIN
• B. It fails because system privileges cannot be granted with roles in the same audit policy.
• C. It succeeds and starts capturing only successful SQL statements for all users who have either the specified privileges or roles granted to them.
• D. It fails because the command does not specify when the unified audit policy should be enforced.

Correct answer: C

Explanation

The correct answer is C because the audit policy will successfully capture successful SQL statements for users with the specified privileges or roles. Option A is incorrect as the audit policy does not need to be separately enabled to capture these statements. Option B is wrong since system privileges can indeed be granted with roles in an audit policy. Option D is incorrect because the command does not require a specification of when to enforce the policy.