OCP 1Z0 052 154
2014-06-21 17:00
274 查看
154. View the Exhibit and examine the privileges granted to the MGR_ROLE role.
The user SKD has been granted the CONNECT and RESOURCE roles only. The database administrator
(DBA) grants MGR_ROLE to the user SKD by executing the command:
SQL> GRANT MGR_ROLE TO SKD WITH ADMIN OPTION;
Which statement is true about the user SKD after he/she is granted this role?
A.The user SKD can grant only the MGR_ROLE role to other users, but not the privileges in it.
B.The user SKD can revoke the MGR_ROLE only from the users for whom he/she is the grantor.
C.The user SKD can grant the privileges in the MGR_ROLE role to other users, but not with ADMIN
OPTION.
D.The user SKD can grant the privileges in the MGR_ROLE role to other users, but cannot revoke
privileges from them.
Answer: A
http://docs.oracle.com/cd/E11882_01/server.112/e41084/statements_9013.htm#SQLRF55031
WITH ADMIN OPTION
Specify
Grant the privilege or role to another user or role, unless the role is a
Revoke the privilege or role from another user or role
Alter the privilege or role to change the authorization needed to access it
Drop the privilege or role
If you grant a system privilege or role to a user without specifying
then the user has the
To revoke the
the
http://docs.oracle.com/cd/E11882_01/server.112/e41084/statements_9020.htm#SQLRF55181
To revoke a system privilege, you must have been granted the privilege with the
the
To revoke a role, you must have been granted the role with the
privilege.
To revoke an object privilege, one of the following conditions must be met:
You must previously have granted the object privilege to the user or role.
You must have the
any object privilege that was granted by the object owner or on behalf of the owner by a user with the
However, you cannot revoke an object privilege that was granted by way of a
See Also:
"Revoke Operations that Use GRANT ANY OBJECT PRIVILEGE: Example"
The
Privileges or roles not granted to the revokee
Roles or object privileges granted through the operating system
Privileges or roles granted to the revokee through roles
The user SKD has been granted the CONNECT and RESOURCE roles only. The database administrator
(DBA) grants MGR_ROLE to the user SKD by executing the command:
SQL> GRANT MGR_ROLE TO SKD WITH ADMIN OPTION;
Which statement is true about the user SKD after he/she is granted this role?
A.The user SKD can grant only the MGR_ROLE role to other users, but not the privileges in it.
B.The user SKD can revoke the MGR_ROLE only from the users for whom he/she is the grantor.
C.The user SKD can grant the privileges in the MGR_ROLE role to other users, but not with ADMIN
OPTION.
D.The user SKD can grant the privileges in the MGR_ROLE role to other users, but cannot revoke
privileges from them.
Answer: A
http://docs.oracle.com/cd/E11882_01/server.112/e41084/statements_9013.htm#SQLRF55031
WITH ADMIN OPTION
Specify
WITH
ADMIN
OPTIONto enable the grantee to:
Grant the privilege or role to another user or role, unless the role is a
GLOBALrole
Revoke the privilege or role from another user or role
Alter the privilege or role to change the authorization needed to access it
Drop the privilege or role
If you grant a system privilege or role to a user without specifying
WITH
ADMIN
OPTION, and then subsequently grant the privilege or role to the user
WITH
ADMIN
OPTION,
then the user has the
ADMIN
OPTIONon the privilege or role.
To revoke the
ADMIN
OPTIONon a system privilege or role from a user, you must revoke the privilege or role from the user altogether and then grant the privilege or role to the user without
the
ADMIN
OPTION.
http://docs.oracle.com/cd/E11882_01/server.112/e41084/statements_9020.htm#SQLRF55181
To revoke a system privilege, you must have been granted the privilege with the
ADMIN
OPTION. You can revoke any privilege if you have
the
GRANT
ANY
PRIVILEGEsystem privilege.
To revoke a role, you must have been granted the role with the
ADMIN
OPTION. You can revoke any role if you have the
GRANT
ANY
ROLEsystem
privilege.
To revoke an object privilege, one of the following conditions must be met:
You must previously have granted the object privilege to the user or role.
You must have the
GRANT
ANY
OBJECT
PRIVILEGEsystem privilege. In this case, you can revoke
any object privilege that was granted by the object owner or on behalf of the owner by a user with the
GRANT
ANY
OBJECT
PRIVILEGE.
However, you cannot revoke an object privilege that was granted by way of a
WITH
GRANT
OPTIONgrant.
See Also:
"Revoke Operations that Use GRANT ANY OBJECT PRIVILEGE: Example"
The
REVOKEstatement can revoke only privileges and roles that were previously granted directly with a
GRANTstatement. You cannot use this statement to revoke:
Privileges or roles not granted to the revokee
Roles or object privileges granted through the operating system
Privileges or roles granted to the revokee through roles
相关文章推荐
- OCP-1Z0-052-V8.02-154题
- OCP题库笔记1z0-052
- [每日一题] 11gOCP 1z0-052 :2013-08-30 差异的增量备份..................................................
- [每日一题] 11gOCP 1z0-052 :2013-09-4 block header grows............................................A33
- OCP-1Z0-052-V8.02-10-11题
- [每日一题] 11gOCP 1z0-052 :2013-09-15 Enterprise Manager Support Workbench..................B9
- [每日一题] 11gOCP 1z0-052 :2013-09-17 DRA--Data Recovery Advisor.............................B31
- OCP-1Z0-052-V8.02-165题
- [每日一题] 11gOCP 1z0-052 :2013-09-28 ORA-01555: snapshot too old......................C52
- OCP-1Z0-052-V8.02-26题
- OCP-1Z0-052-V8.02-36题
- OCP-1Z0-052-V8.02-159题
- OCP-1Z0-052-V8.02-174题
- OCP-1Z0-052-V8.02-137题
- OCP-1Z0-052-V8.02-96题
- OCP-1Z0-052-V8.02-119题
- OCP 1Z0 052 6
- OCP 1Z0 052 21
- OCP 1Z0 052 36
- OCP 1Z0 052 52