ocp-047-14 22 40 grant revoke role

14. OE and SCOTT are the users in the database. The ORDERS table is owned by OE. Evaluate(评价) the statements issued(发行) by the DBA in the following sequence:
CREATE ROLE r1;
GRANT SELECT, INSERT ON oe.orders TO r1;
GRANT r1 TO scott;
GRANT SELECT ON oe.orders TO scott;
REVOKE SELECT ON oe.orders FROM scott;
What would be the outcome after executing the statements?
A. SCOTT would be able to query the OE.ORDERS table.
B. SCOTT would not be able to query the OE.ORDERS table.
C. The REVOKE statement would remove the SELECT privilege from SCOTT as well as from the role R1.
D. The REVOKE statement would give an error because the SELECT privilege has been granted to the role R1.


答案: A
分析: 本题考点是权限/privilege
对象权限可以直接授予用户,也可以授予角色后将角色授予用户,结果是用户都可以使用该权限。但是用户通过角色获得的权限不可以被单独撤销,需要撤销角色来撤销权限。
B. SCOTT拥有r1角色,该角色有OE.ORDERS表的select权限,所以SCOTT仍然能正常查询该表。
C. revoke命令不会在撤销一个用户的权限时,将用户所属角色的相同权限一并撤销,撤销角色权限必须显式声明。
D. revoke命令撤销的是SCOTT用户通过GRANT SELECT ON oe.orders TO scott得到的权限,不是通过r1角色得到的权限,所以不会出错。


22. Which statement correctly grants a system privilege?

A. GRANT EXECUTE ON proc1 TO PUBLIC
授予所有用户执行过程proc1的权限,这是对象权限不是系统权限
B. GRANT CREATE VIEW ON table1 TO user1
create view是系统权限,没有在某个表上的创建视图的权限,得到create view权限和select on table对象权限就可以创建到其他用户的表的视图
C. GRANT CREATE TABLE TO user1,user2(right)
GRANT 权限名 TO 用户(角色)1,用户(角色)2
D. GRANT CREATE SESSION TO ALL
要想所有用户授权是to public不是to all


40. User OE, the owner of the ORDERS table, issues the following command:
GRANT SELECT,INSERT ON orders TO hr WITH GRANT OPTION
授予hr对表orders的SELECT,INSERT权限,并且授予hr将这些权限授予别人的权限
The user HR issues the following command:
GRANT SELECT ON oe.orders TO scott
授予scott对表oe.orders的SELECT权限
Then, OE issues the following command:
REVOKE ALL ON orders FROM hr
撤销hr对表orders的所有权限
WITH GRANT OPTION只能在赋予 object privilege 的时使用,撤销时有连带效果oe>>hr>>scott
Which statement is correct?


A. The user SCOTT loses the privilege to select rows from OE.ORDERS.(right)
B. The user SCOTT retains the privilege to select rows from OE.ORDERS.
翻译: SCOTT保留了对OE.ORDERS表的select权限
解释: 对象权限撤销时会连带撤销通过WITH GRANT OPTION传递的权限


C. The REVOKE statement generates an error because OE has to first revoke the SELECT privilege from SCOTT.
翻译: 撤销语句产生一个错误,因为OE要先撤销scott的select权限
解释: 撤销任何权限时都不会要求先撤销其他通过WITH ADMIN/GRANT OPTION获得权限的用户/角色


D. The REVOKE statement generates an error because the ALL keyword cannot be used for privileges
翻译: 撤销语句产生一个错误,因为关键词ALL不能用于权限
解释: GRANT ALL PRIVILEGES TO user/role/public [IDENTIFIED BY password] [WITH ADMIN OPTION]
      GRANT ALL PRIVILEGES ON [schema.]object TO user/role/public [WITH GRANT OPTION] [WITH HIERARCHY OPTION]

阅读更多
文章标签: grant revoke role
个人分类: ocp考试
想对作者说点什么? 我来说一句

没有更多推荐了,返回首页

关闭
关闭
关闭