To make audit information more productive, the DBA executes the following command before startingan audit operation:  SQL> ALTER SYSTEM SET AUDIT_TRAIL=DB,EXTENDED SCOPE=SPFILE;  Which statement is true regarding the audit record generated when auditing 

题目

To make audit information more productive, the DBA executes the following command before startingan audit operation:  SQL> ALTER SYSTEM SET AUDIT_TRAIL=DB,EXTENDED SCOPE=SPFILE;  Which statement is true regarding the audit record generated when auditing starts after restarting thedatabase()

  • A、It contains only the plan for the SQL statement executed by the user.
  • B、It contains the SQL text executed by the user and the bind variables used with it.
  • C、It contains the plan and statistics associated with the SQL statement executed by the user.
  • D、It contains the plan for the SQL statement executed by the user and the bind variables used with it.
相似考题

1.6 Discuss how developments in each of the following areas has affected the scope of the audit and the audit workundertaken:(a) fair value accounting; (6 marks)

2.(b) Explain the principal audit procedures to be performed during the final audit in respect of the estimatedwarranty provision in the balance sheet of Island Co as at 30 November 2007. (5 marks)

3.You enabled an audit policy by issuing the following statements:SQL> AUDIT POLICY ORA_DATABASE_PARAMETER BY SCOTT;SQL> AUDIT POLICY ORA_DATABASE_PARAMETER BY SYS, SYSTEM;For which database users and for which executions is the audit policy now active? ()A. SYS, SYSTEMB. SCOTTC. Only for successful executionsD. Only for failed executionsE. Both successful and failed executions

4.(c) Explain the possible impact of RBG outsourcing its internal audit services on the audit of the financialstatements by Grey & Co. (4 marks)

更多“To make audit in”相关问题

  • 第1题:

    You wish to enable an audit policy for all database users, except SYS, SYSTEM, and SCOTT.You issue the following statements:SQL> AUDIT POLICY ORA_DATABASE_PARAMETER EXCEPT SYS;SQL> AUDIT POLICY ORA_DATABASE_PARAMETER EXCEPT SYSTEM;SQL> AUDIT POLICY ORA_DATABASE_PARAMETER EXCEPT SCOTT;For which database users is the audit policy now active?()

    A. All users except SYS

    B. All users except SCOTT

    C. All users except sys and SCOTT

    D. All users except sys, system, and SCOTT


    参考答案:B

  • 第2题:

    Following a competitive tender, your audit firm Cal & Co has just gained a new audit client Tirrol Co. You are the manager in charge of planning the audit work. Tirrol Co’s year end is 30 June 2009 with a scheduled date to complete the audit of 15 August 2009. The date now is 3 June 2009.

    Tirrol Co provides repair services to motor vehicles from 25 different locations. All inventory, sales and purchasing systems are computerised, with each location maintaining its own computer system. The software in each location is

    the same because the programs were written specifically for Tirrol Co by a reputable software house. Data from each location is amalgamated on a monthly basis at Tirrol Co’s head office to produce management and financial accounts.

    You are currently planning your audit approach for Tirrol Co. One option being considered is to re-write Cal & Co’s audit software to interrogate the computerised inventory systems in each location of Tirrol Co (except for head office)

    as part of inventory valuation testing. However, you have also been informed that any computer testing will have to be on a live basis and you are aware that July is a major holiday period for your audit firm.

    Required:

    (a) (i) Explain the benefits of using audit software in the audit of Tirrol Co; (4 marks)

    (ii) Explain the problems that may be encountered in the audit of Tirrol Co and for each problem, explain

    how that problem could be overcome. (10 marks)

    (b) Following a discussion with the management at Tirrol Co you now understand that the internal audit department are prepared to assist with the statutory audit. Specifically, the chief internal auditor is prepared to provide you with documentation on the computerised inventory systems at Tirrol Co. The documentation provides details of the software and shows diagrammatically how transactions are processed through the inventory system. This documentation can be used to significantly decrease the time needed to understand the computer systems and enable audit software to be written for this year’s audit.

    Required:

    Explain how you will evaluate the computer systems documentation produced by the internal audit

    department in order to place reliance on it during your audit. (6 marks)


    正确答案:
    (a)(i)BenefitsofusingauditsoftwareStandardsystemsatclientThesamecomputerisedsystemsandprogramsasusedinall25branchesofTirrolCo.Thismeansthatthesameauditsoftwarecanbeusedineachlocationprovidingsignificanttimesavingscomparedtothesituationwhereclientsystemsaredifferentineachlocation.UseactualcomputerfilesnotcopiesorprintoutsUseofauditsoftwaremeansthattheTirrolCo’sactualinventoryfilescanbetestedratherthanhavingtorelyonprintoutsorscreenimages.Thelattercouldbeincorrect,byaccidentorbydeliberatemistake.Theauditfirmwillhavemoreconfidencethatthe‘real’fileshavebeentested.TestmoreitemsUseofsoftwarewillmeanthatmoreinventoryrecordscanbetested–itispossiblethatallproductlinescouldbetestedforobsolescenceratherthanasampleusingmanualtechniques.Theauditorwillthereforegainmoreevidenceandhavegreaterconfidencethatinventoryisvaluedcorrectly.CostTherelativecostofusingauditsoftwaredecreasesthemoreyearsthatsoftwareisused.Anycostoverrunsthisyearcouldbeoffsetagainsttheauditfeesinfutureyearswhentheactualexpensewillbeless.(ii)ProblemsontheauditofTirrolTimescale–sixweekreportingdeadline–auditplanningTheauditreportisduetobesignedsixweeksaftertheyearend.Thismeansthattherewillbeconsiderablepressureontheauditortocompleteauditworkwithoutcompromisingstandardsbyrushingprocedures.Thisproblemcanbeovercomebycarefulplanningoftheaudit,useofexperiencedstaffandensuringotherstaffsuchassecondpartnerreviewsarebookedwellinadvance.Timescale–sixweekreportingdeadline–softwareissuesTheauditreportisduetobesignedaboutsixweeksaftertheyearend.Thismeansthatthereislittletimetowriteandtestauditsoftware,letaloneusethesoftwareandevaluatetheresultsoftesting.Thisproblemcanbealleviatedbycarefulplanning.AccesstoTirrolCo’ssoftwareanddatafilesmustbeobtainedassoonaspossibleandworkcommencedontailoringCal&Co’ssoftwarefollowingthis.Specialistcomputerauditstaffshouldbebookedassoonaspossibletoperform.thiswork.FirstyearauditcostsTherelativecostsofanauditinthefirstyearataclienttendtobegreaterduetotheadditionalworkofascertainingclientsystems.ThismeansthatCal&Comayhavealimitedbudgettodocumentsystemsincludingcomputersystems.Thisproblemcanbealleviatedtosomeextentagainbygoodauditplanning.Themanagermustalsomonitortheauditprocesscarefully,ensuringthatanyadditionalworkcausedbytheclientnotprovidingaccesstosystemsinformationincludingcomputersystemsisidentifiedandaddedtothetotalbillingcostoftheaudit.StaffholidaysMostoftheauditworkwillbecarriedoutinJuly,whichisalsothemonthwhenmanyofCal&Costafftaketheirannualholiday.Thismeansthattherewillbeashortageofauditstaff,particularlyasauditworkforTirrolCoisbeingbookedwithlittlenotice.Theproblemcanbealleviatedbybookingstaffassoonaspossibleandthenidentifyinganyshortages.Wherenecessary,staffmaybeborrowedfromotherofficesorevendifferentcountriesonasecondmentbasiswhereshortagesareacute.Non-standardsystemsTirrolCo’scomputersoftwareisnon-standard,havingbeenwrittenspecificallyfortheorganisation.Thismeansthatmoretimewillbenecessarytounderstandthesystemthanifstandardsystemswereused.Thisproblemcanbealleviatedeitherbyobtainingdocumentationfromtheclientorbyapproachingthesoftwarehouse(withTirrolCo’spermission)toseeiftheycanassistwithprovisionofinformationondatastructuresfortheinventorysystems.ProvisionofthisinformationwilldecreasethetimetakentotailorauditsoftwareforuseinTirrolCo.IssuesoflivetestingCal&Cohasbeeninformedthatinventorysystemsmustbetestedonalivebasis.Thisincreasestheriskofaccidentalamendmentordeletionofclientdatasystemscomparedtotestingcopyfiles.Tolimitthepossibilityofdamagetoclientsystems,Cal&CocanconsiderperforminginventorytestingondayswhenTirrolCoisnotoperatinge.g.weekends.Attheworst,backupsofdatafilestakenfromthepreviousdaycanbere-installedwhenCal&Co’stestingiscomplete.ComputersystemsTheclienthas25locations,witheachlocationmaintainingitsowncomputersystem.Itispossiblethatcomputersystemsarenotcommonacrosstheclientduetoamendmentsmadeatthebranchlevel.Thisproblemcanbeovercometosomeextentbyaskingstaffateachbranchwhethersystemshavebeenamendedandfocusingauditworkonmaterialbranches.UsefulnessofauditsoftwareTheuseofauditsoftwareatTirrolCodoesappeartohavesignificantproblemsthisyear.Thismeansthateveniftheauditsoftwareisready,theremaystillbesomeriskofincorrectconclusionsbeingderivedduetolackoftesting,etc.Thisproblemcanbealleviatedbyseriouslyconsideringthepossibilityofusingamanualauditthisyear.Themanagermayneedtoinvestigatewhetheramanualauditisfeasibleandifsowhetheritcouldbecompletedwithinthenecessarytimescalewithminimalauditrisk.(b)RelianceoninternalauditdocumentationTherearetwoissuestoconsider;theabilityofinternalaudittoproducethedocumentationandtheactualaccuracyofthedocumentationitself.Theabilityoftheinternalauditdepartmenttoproducethedocumentationcanbedeterminedby:–Ensuringthatthedepartmenthasstaffwhohaveappropriatequalifications.Provisionofarelevantqualificatione.g.membershipofacomputerrelatedinstitutewouldbeappropriate.–Ensuringthatthisandsimilardocumentationisproducedusingarecognisedplanandthatthedocumentationistestedpriortouse.Theuseofdifferentstaffintheinternalauditdepartmenttoproduceandtestdocumentationwillincreaseconfidenceinitsaccuracy.–Ensuringthatthedocumentationisactuallyusedduringinternalauditworkandthatproblemswithdocumentationarenotedandinvestigatedaspartofthatwork.Beinggivenaccesstointernalauditreportsontheinventorysoftwarewillprovideappropriateevidence.Regardingtheactualdocumentation:–Reviewingthedocumentationtoensurethatitappearslogicalandthattermsandsymbolsareusedconsistentlythroughout.Thiswillprovideevidencethattheflowcharts,etcshouldbeaccurate.–Comparingthedocumentationagainstthe‘live’inventorysystemtoensureitcorrectlyreflectstheinventorysystem.Thiscomparisonwillincludetracingindividualtransactionsthroughtheinventorysystems.–UsingpartofthedocumentationtoamendCal&Co’sauditsoftware,andthenensuringthatthesoftwareprocessesinventorysystemdataaccurately.However,thisstagemaybelimitedduetotheneedtouselivefilesatTirrolCo.

  • 第3题:

    如果要对成功登录和退出数据库的操作进行审计,审计设置语句应如何写()。

    • A、AUDIT CONNECT WHENEVER NOT SUCCESSFUL
    • B、AUDIT CONNECT WHENEVER SUCCESSFUL
    • C、AUDIT LOGIN WHENEVER NOT SUCCESSFUL
    • D、AUDIT LOGIN WHENEVER SUCCESSFUL

    正确答案:B

  • 第4题:

    简述Audit的功能.


    正确答案: Audit:将NE的database与OMC-R上的CM进行比较.

  • 第5题:

    You enabled an audit policy by issuing the following statements: SQL> AUDIT POLICY ORA_DATABASE_PARAMETER BY SCOTT; SQL> AUDIT POLICY ORA_DATABASE_PARAMETER BY SYS, SYSTEM; For which database users and for which executions is the audit policy now active? ()

    • A、SYS, SYSTEM
    • B、SCOTT
    • C、Only for successful executions
    • D、Only for failed executions
    • E、Both successful and failed executions

    正确答案:A,E

  • 第6题:

    Your network contains an Active Directory domain. All servers run Windows Server 2008 R2.   You need to audit the deletion of registry keys on each server.   What should you do()

    • A、From Audit Policy, modify the Object Access settings and the Process Tracking settings.
    • B、From Audit Policy, modify the System Events settings and the Privilege Use settings.
    • C、From Advanced Audit Policy Configuration, modify the System settings and the Detailed Tracking  settings.
    • D、From Advanced Audit Policy Configuration, modify the Object Access settings and the Global Object  Access Auditing settings.

    正确答案:D

  • 第7题:

    桌面终端管理系统的审计账号为audit,利用audit账号不可以创建子审计账号。


    正确答案:错误

  • 第8题:

    多选题
    You work as a database administrator for Certkiller .com. In your development environmentenvironment, the developers are responsible for modifying the table structure according to the application requirements. However, you want to keep track of the ALTER TABLE commands being executed by developers, so you enable auditing to achieve this objective.  Which two views would you refer to find out the audit information?()
    A

    DBA_AUDIT_TRAIL

    B

    DBA_AUDIT_SESSION

    C

    DBA_FGA_AUDIT_TRAIL

    D

    DBA_COMMON_AUDIT_TRAIL


    正确答案: C,D
    解析: 暂无解析

  • 第9题:

    单选题
    To make audit information more productive, the DBA executes the following command before starting an auditoperation: SQL> ALTER SYSTEM SET AUDIT_TRAIL=DB,EXTENDED SCOPE=SPFILE; Which statement is true regarding the audit record generated when auditing starts after restarting Thedatabase()
    A

    It contains only the plan for the SQL statement executed by the user.

    B

    It contains the SQL text executed by the user and the bind variables used with it.

    C

    It contains the plan and statistics associated with the SQL statement executed by the user.

    D

    It contains the plan for the SQL statement executed by the user and the bind variables used with it


    正确答案: D
    解析: 暂无解析

  • 第10题:

    单选题
    You execute the following command to audit the database activities:  SQL> AUDIT DROP ANY TABLE BY scott BY SESSION WHENEVER SUCCESSFUL;  What is the effect of this command?()
    A

    One audit record is created for the whole session if user SCOTT successfully drops one or more tables in his session.

    B

    One audit record is created for every session when any user successfully drops a table owned by SCOTT.

    C

    One audit record is created for each successful DROP TABLE command executed by any user to drop tables owned by SCOTT.

    D

    One audit record is generated for the session when SCOTT grants the DROP ANY TABLE privilege to other users in his session.

    E

    One audit record is created for each successful DROP TABLE command executed in the session of SCOTT.


    正确答案: A
    解析: 暂无解析

  • 第11题:

    单选题
    Your network contains an Active Directory domain. All servers run Windows Server 2008 R2.     You need to audit the deletion of registry keys on each server.     What should you do()
    A

    From Audit Policy, modify the Object Access settings and the Process Tracking settings.

    B

    From Audit Policy, modify the System Events settings and the Privilege Use settings.

    C

    From Advanced Audit Policy Configuration, modify the System settings and the Detailed Tracking settings.

    D

    From Advanced Audit Policy Configuration, modify the Object Access settings and the Global Object Access Auditin


    正确答案: A
    解析: 暂无解析

  • 第12题:

    单选题
    Consider the MySQL Enterprise Audit plugin. On attempting to start the MySQL service after a crash, notice the following error: [ERROR] Plugin ‘audit_log’ init function returned error. In the audit log file, you notice the final entry: … What action should you take to fix the error and allow the service to start?()
    A

    Re-install the audit plugin

    B

    Execute the command FLUSH LOGS

    C

    Execute the command SET GLOBAL audit_log_fiush= ON

    D

    Move or rename the existing audit.log file


    正确答案: A
    解析: 暂无解析

  • 第13题:

    YouworkasadatabaseadministratorforCertkiller.com.Inyourdevelopmentenvironmentenvironment,thedevelopersareresponsibleformodifyingthetablestructureaccordingtotheapplicationrequirements.However,youwanttokeeptrackoftheALTERTABLEcommandsbeingexecutedbydevelopers,soyouenableauditingtoachievethisobjective.Whichtwoviewswouldyourefertofindouttheauditinformation?()

    A.DBA_AUDIT_TRAIL

    B.DBA_AUDIT_SESSION

    C.DBA_FGA_AUDIT_TRAIL

    D.DBA_COMMON_AUDIT_TRAIL


    参考答案:A, C

  • 第14题:

    查看审计策略是否生效的视图是?()

    A. DBA_AUDIT_EXISTS

    B. DBA_AUDIT_OBJECT

    C. DBA_AUDIT_POLICY_COLUMNS

    D. DBA_AUDIT_POLICIES

    E. DBA_AUDIT_SESSION


    参考答案B

  • 第15题:

    Consider the MySQL Enterprise Audit plugin, You add the following lines to the my.cnf configuration tile: [mysqld] Plugin-load=audit_log.so Audit-log=FORCE_PLUS_PERMANENT You attempt to start up the MySQL service and notice that it fails to start. Which two statements would explain why the service did not start?()

    • A、FORCE_PLUS_PERMANENT is not valid for the audit-log option
    • B、The audit_log.so library does not exist
    • C、The audit_log.so library is in a location that is different from that defined by the plugin_dir option
    • D、The audit plugin must be loaded dynamically by using the INSTALL PLUGIN command
    • E、The audit log file does not exist in which to write audit events
    • F、The audit_log.so library is not an executable file

    正确答案:B,C

  • 第16题:

    For which two of these purposes are Cisco Spectrum Expert used?()

    • A、audit VoWLAN cell edge coverage
    • B、verify RFID tag coverage by four access points at -75 dBm
    • C、audit microwave oven interference
    • D、audit 802.11a channel 36 utilization
    • E、create test scripts for 802.11n bonded channel throughput tests

    正确答案:C,D

  • 第17题:

    Certkiller .com has organizational units in the Active Directory domain. There are 10 servers in the organizational unit called Security. As an administrator at Certkiller .com, you generate a Group Policy Object (GPO) and link it to the Security organizational unit. What should you do to monitor the network connections to the servers in Security organizational unit()

    • A、Start the Audit Object Access option
    • B、Start the Audit System Events option
    • C、Start the Audit Logon Events option
    • D、Start the Audit process tracking option
    • E、All of the above

    正确答案:C

  • 第18题:

    You need to identify each help desk user who bypasses the new corporate security policy. What should you do?()

    • A、Configure Audit Special Logon and define Special Groups.
    • B、Configure Audit Other Privilege Use Events and define Special Groups.
    • C、Configure Audit Sensitive Privilege Use and configure auditing for the HelpDesk group.
    • D、Configure Audit Object Access and modify the auditing settings for the HelpDesk group.

    正确答案:A

  • 第19题:

    单选题
    To make audit information more productive, the DBA executes the following command before startingan audit operation:  SQL> ALTER SYSTEM SET AUDIT_TRAIL=DB,EXTENDED SCOPE=SPFILE;  Which statement is true regarding the audit record generated when auditing starts after restarting thedatabase()
    A

    It contains only the plan for the SQL statement executed by the user.

    B

    It contains the SQL text executed by the user and the bind variables used with it.

    C

    It contains the plan and statistics associated with the SQL statement executed by the user.

    D

    It contains the plan for the SQL statement executed by the user and the bind variables used with it.


    正确答案: B
    解析: 暂无解析

  • 第20题:

    单选题
    You execute the following commands to audit database activities: SQL > ALTER SYSTEM SET AUDIT_TRIAL=DB, EXTENDED SCOPE=SPFILE; SQL > AUDIT SELECT TABLE, INSERT TABLE, DELETE TABLE BY JOHN By SESSION WHENEVER SUCCESSFUL; Which statement is true about the audit record that generated when auditing after instance restarts?()
    A

    One audit record is created for every successful execution of a SELECT, INSERT OR DELETE command on a table, and contains the SQL text for the SQL Statements.

    B

    One audit record is created for every successful execution of a SELECT, INSERT OR DELETE command, and contains the execution plan for the SQL statements.

    C

    One audit record is created for the whole session if john successfully executes a SELECT, INSERT, or DELETE command, and contains the execution plan for the SQL statements.

    D

    One audit record is created for the whole session if JOHN successfully executes a select command, and contains the SQL text and bind variables used.

    E

    One audit record is created for the whole session if john successfully executes a SELECT, INSERT,or DELETE command on a table, and contains the execution plan, SQL text, and bind variables used.


    正确答案: A
    解析: 暂无解析

  • 第21题:

    多选题
    You enabled an audit policy by issuing the following statements: SQL> AUDIT POLICY ORA_DATABASE_PARAMETER BY SCOTT; SQL> AUDIT POLICY ORA_DATABASE_PARAMETER BY SYS, SYSTEM; For which database users and for which executions is the audit policy now active? ()
    A

    SYS, SYSTEM

    B

    SCOTT

    C

    Only for successful executions

    D

    Only for failed executions

    E

    Both successful and failed executions


    正确答案: C,A
    解析: 暂无解析

  • 第22题:

    多选题
    Which three statements are true regarding the fine-grained auditing (FGA)?()
    A

    FGA is possible on SELECT statements only.

    B

    The audit trail for FGA is stored in the FGA_LOG$ table.

    C

    The audit trail for FGA is stored in the AUD_LOG$ table.

    D

    FGA enables a SQL predicate to define when to audit an event.

    E

    FGA audits DELETE statements only when audit columns are specified.

    F

    FGA includes the SQL statement used by the user as part of the audit event entry.


    正确答案: B,D
    解析: 暂无解析

  • 第23题:

    多选题
    Consider the MySQL Enterprise Audit plugin, You add the following lines to the my.cnf configuration tile: [mysqld] Plugin-load=audit_log.so Audit-log=FORCE_PLUS_PERMANENT You attempt to start up the MySQL service and notice that it fails to start. Which two statements would explain why the service did not start?()
    A

    FORCE_PLUS_PERMANENT is not valid for the audit-log option

    B

    The audit_log.so library does not exist

    C

    The audit_log.so library is in a location that is different from that defined by the plugin_dir option

    D

    The audit plugin must be loaded dynamically by using the INSTALL PLUGIN command

    E

    The audit log file does not exist in which to write audit events

    F

    The audit_log.so library is not an executable file


    正确答案: E,F
    解析: 暂无解析

相关内容