You added the following policy to enable managers to access information about only their employees:

You added the following policy to enable managers to access information about only their employees:
EXEC DBMS_RLS.ADD_POLICY (object_schema => ‘scott’,
object_name => ’emp’,
policy_name => ‘hr_policy’,
fuction_schema => ‘scott’,
policy_function => ‘hrpol’,
sec_relevant_cols => ‘ sal, comm’) ;
hr_policyis of the____________type.

You added the following policy to enable managers to access information about only their employees:

EXEC DBMS_RLS.ADD_POLICY (object_schema => ‘scott’,
object_name => ’emp’,
policy_name => ‘hr_policy’,
fuction_schema => ‘scott’,
policy_function => ‘hrpol’,
sec_relevant_cols => ‘ sal, comm’) ;

hr_policyis of the____________type.

A.
DBMS_RLS.STATIC

B.
DBMS_RLS.DYNAMIC

C.
DBMS_RLS.SHARED_STATIC

D.
DBMS_RLS.CONTEXT_SENSITIVE

E.
DBMS_RLS.SHARED_CONTEXT_SENSITIVE

Explanation:
A dynamic predicate for a table, view, or synonym is generated by a PL/SQL function, which you write and associate with a security policy through a PL/SQL interface. Dynamic predicates are acquired at statement parse time, when the base table or view is referenced in a query using SELECT or a DML statement. The function or package that implements the security policy you create returns a predicate (a WHERE condition). This predicate controls access according to the policy
you specify. Rewritten queries are fully optimized and shareable. Whenever the EMPLOYEES table, under the HR schema, is referenced in a query or subquery (SELECT), the server calls the EMP_SEC function (under the HR schema). This function returns a predicate (called P1) defined in the function, which in this example could be specific to the current user for the HR_POLICY policy.

REF: Oracle(r) 10g Security Guide 6-4



Leave a Reply 2

Your email address will not be published. Required fields are marked *


jayanath

jayanath

FSF S RWE REWRER

mr_tienvu

mr_tienvu

I agree with the answer.