Oracle Database Security Administration Advanced Practice Exam: Hard Questions 2025

You are hardening a database that hosts both application schemas and security administration accounts. Your security policy requires separation of duties such that DBAs can perform backup/recovery and performance tasks, but cannot view application data or read decrypted secrets. Security administrators must manage encryption keys and security policies but must not have broad object administration. Which approach best meets the requirement with least operational risk? Assume you can use built-in Oracle capabilities and want an architecture that minimizes "shared superuser" power.

A security team wants to ensure that even users with powerful privileges cannot change auditing configuration, disable auditing, or purge audit trails without explicit authorization. They also want to detect any attempted tampering. Which design best achieves this goal using Oracle’s security architecture? Choose the best single answer.

You are troubleshooting a system where application connections over TCPS succeed, but users receive errors when selecting from tables encrypted with TDE. The database was restored from backup onto new hosts. The wallet directory exists and contains wallet files, but the database reports that the keystore is not open. What is the most likely root cause and best corrective action?

An organization must rotate TDE master keys regularly and ensure encrypted backups remain recoverable across disaster recovery sites. They also want to minimize the number of times the keystore password must be handled by humans. Which strategy best satisfies these requirements while preserving recoverability?

A team uses both (1) network encryption (TCPS) for client connections and (2) TDE for protecting data at rest. A compliance auditor asks whether enabling only TCPS is sufficient to claim “data is encrypted at rest,” and whether enabling only TDE is sufficient to protect data in transit. Which answer is technically correct and defensible?

You are designing an auditing configuration to satisfy two requirements: 1) Record SELECT access to sensitive columns in a few tables (including when accessed through views). 2) Avoid excessive audit volume from normal application activity on non-sensitive tables. Which approach best meets both requirements with strong precision and maintainability?

During an investigation, auditors find that a privileged user executed actions that should have generated audit records, but there are gaps during a specific window. You confirm the database remained available. Which scenario is the most plausible explanation that aligns with Oracle auditing behavior and common hardening pitfalls?

Your organization requires that audit records are retained and protected from alteration by DBAs, and that the security team can prove integrity during compliance reviews. Which solution is the best fit with least custom development?

A developer reports that a reporting user with SELECT on a view can infer sensitive rows that should be hidden by row-level security. The current design uses VPD (DBMS_RLS) on base tables with a predicate based on the user’s department. The view includes a UNION ALL and a deterministic function in the WHERE clause. Which is the most likely cause and best remediation to prevent predicate bypass or inference?

You need to allow an analytics team to run ad-hoc queries on a production database without exposing raw PII. They must be able to join datasets and group by certain attributes, but should never see full national IDs or full credit card numbers. The solution must work even if a user has direct SELECT on the base tables, and it must be centrally managed with minimal application changes. Which solution best meets the requirement?