Oracle Database Administration I — Question 121

Which three actions are ways to apply the principle of least privilege? (Choose three.)

Answer options

• A. setting the O7_DICTIONARY_ACCESSIBILITY parameter to true
• B. setting the REMOTE_OS_AUTHENT parameter to true
• C. revoking execute privilege on UTL_SMTP, UTL_TCP, UTL_HTTP, and UTL_FILE from the SYSTEM user
• D. enabling Unified Auditing
• E. using Access Control Lists (ACLs)
• F. revoking execute privilege on UTL_SMTP, UTL_TCP, UTL_HTTP, and UTL_FILE from the public user

Correct answer: C, D, E

Explanation

The correct actions (C, D, E) effectively enforce the principle of least privilege by limiting access rights. Revoking execute privileges from specific users (C) and enabling auditing (D) ensure that only necessary permissions are granted, while using ACLs (E) manages and restricts access based on specified criteria. Options A, B, and F do not align with the principle of least privilege as they either grant access or do not enhance security effectively.