which database users is the audit policy now active?

You wish to enable an audit policy for all database users, except SYS, SYSTEM, and SCOTT.
You issue the following statements:
SQL> AUDIT POLICY ORA_DATABASE_PARAMETER EXCEPT SYS;
SQL> AUDIT POLICY ORA_DATABASE_PARAMETER EXCEPT SYSTEM;
SQL> AUDIT POLICY ORA_DATABASE_PARAMETER EXCEPT SCOTT;
For which database users is the audit policy now active?

You wish to enable an audit policy for all database users, except SYS, SYSTEM, and SCOTT.
You issue the following statements:
SQL> AUDIT POLICY ORA_DATABASE_PARAMETER EXCEPT SYS;
SQL> AUDIT POLICY ORA_DATABASE_PARAMETER EXCEPT SYSTEM;
SQL> AUDIT POLICY ORA_DATABASE_PARAMETER EXCEPT SCOTT;
For which database users is the audit policy now active?

A.
All users except SYS

B.
All users except SCOTT

C.
All users except sys and SCOTT

D.
All users except sys, system, and SCOTT

Explanation:
If you run multiple AUDIT statements on the same unified audit policy but specify

different EXCEPT users, then Oracle Database uses the last exception user list, not any of the
users from the preceding lists. This means the effect of the earlier AUDIT POLICY … EXCEPT
statements are overridden by the latest AUDIT POLICY … EXCEPT statement.
Note:
* The ORA_DATABASE_PARAMETER policy audits commonly used Oracle Database parameter
settings. By default, this policy is not enabled.
* You can use the keyword ALL to audit all actions. The following example shows how to audit all
actions on the HR.EMPLOYEES table, except actions by user pmulligan.
Example Auditing All Actions on a Table
CREATE AUDIT POLICY all_actions_on_hr_emp_pol
ACTIONS ALL ON HR.EMPLOYEES;
AUDIT POLICY all_actions_on_hr_emp_pol EXCEPT pmulligan;
Oracle Database Security Guide 12c, About Enabling Unified Audit Policies

Show Hint

Leave a Reply 5

Your email address will not be published. Required fields are marked *

Amit

Amit

B. All users except SCOTT

Reply