DBA verification again?

Hi all

11.2.0.3.11

AIX6

The security check is redundant question me again on the audit policy in our database.

He demanded that all actions taken by DBA must be registered.

I told him that this is the default Oracle to record all actions of dba and sys, right?

And the evidence is the log in right AUDIT_FILE_DEST?

SQL > see the parameter checking

VALUE OF TYPE NAME

------------------------------------ ----------- ------------------------------

audit_file_dest string/oracle/app/oracle/admin/batch dev/adump

audit_sys_operations Boolean TRUE

audit_syslog_level string

AUDIT_TRAIL DB string

But, he said, he needs proof of evidence.

Which of the following db views show that all the actions of dba is be saved?

ALL_DEF_AUDIT_OPTS;

DBA_AUDIT_POLICIES

DBA_AUDIT_POLICY_COLUMNS

DBA_AUDIT_EXISTS

DBA_AUDIT_OBJECT

DBA_AUDIT_SESSION

DBA_AUDIT_STATEMENT

DBA_AUDIT_TRAIL

DBA_COMMON_AUDIT_TRAIL

DBA_FGA_AUDIT_TRAIL

DBA_OBJ_AUDIT_OPTS

DBA_PRIV_AUDIT_OPTS

DBA_STMT_AUDIT_OPTS

Help, please.

"AUDIT_SYS_OPERATIONSturns on or off the audit of higher level operations, which are SQL statements issued directly by users when connecting with SYSDBA or SYSOPER privileges. »

That is, if you want to audit users with sysdba (sys, system) privileges this option must be set.

Because the user with sysdba privileges is able to manipulate the context of table sys.aud$ audit documents will OS location defined by audit_file_dest. This assumes that the user with sysdba privileges doesn't have access to this directory (segregation of duties) or at least has no write permission.

This verification of documents are simple text files (until audit_trail is set to xml or xml, extended). This means that operations intensive system, they could fill the disc and it is necessary to follow the free space on the disk and treat these files with external tools.

An another possible solution (in which documentation because I don't use it) is Oracle Audit Vault as mentioned Maran.

Tags: Database

Similar Questions

I can't sign into a new account on creative cloud

If awhile back, I made an account on my mac for cloud creative adobe and since I just wanted to be a trial not the real deal just to try I used the e-mail to the account that does not exist on the internet. Now I did and there are real, but when I click the button creative cloud adobe on my menu, it pops up with my old account blocked on a page that I want to check the email of the old account and of course I can't do it and it won't let me sign on the account and its deadlock on this page. Later, I deleted it off my mac and reinstalled thinking that would help, but it appears just with the thing of verification again. Help, please!

Please see these messages where the same issue was addressed:

Bad e-mail address to sign in to Creative Cloud Desktop, how to pass to my email address?

CC has a fake email, can not change

Separate authentication for external and internal users?
Hello

Asked me to come with a CEP for a client who wants a new system APEX is accessible to internal and external users. The client security team want to have two separate copies of the request for the APEX and both copies of the auditor of the APEX on separate databases on two separate servers from Weblogic to support different security requirements for both internal and external users. I don't think that is necessary as APEX should be able to impose conditions depending on what type of user is connected, by questioning the cookie passed in which could contain a flag to say whether the user is internally and externally. In addition, CAE can be used to further restrict external access.

The middleware for the customer solution is managed by a third party, who have made the following recommendations:

The domestic channel requires SSO to configure on WebLogic while the outside lane. Internal users must be validated on Active Directory, with RSA Authentication Manager used for external users. We cannot set up a listener APEX instance to use and not to use SINGLE sign-on at the same time. Two applications are necessary.

Now, I understand from my understanding limited the listener of the APEX, it is possible to implement different rules depending on the type of user to access. However, might just as well not be managed from Magnatune APEX? We could write a custom authentication procedure that verifies again road and the SSO user authentication cookie or otherwise, as required.

So my question is this: can it really be necessary to implement two versions of an APEX application, with two distinct on different servers APEX headphones, to meet the security requirements of separate here? Ultimately at the end of the day if that's what the customer wants, we have to build it, but I'm looking to reassure them via a CEP that won't be necessary. I think that the seller of hardware/middleware recommend that the client just because they do not know available in APEX itself custom authentication options.

Please forgive any simplifications or the lack of details in the above - I'm more a developer APEX as a person of the infrastructure and a bit of a 'newbie' where the listener APEX is concerned. All advice gratefully appreciated!

Graham.
Hi Graham,

It's a matter of people paranoid how and to what extent they trust their own infrastructure. Things could be easier than to split the environments, but I don't know if I just depends on the cookie because cookie can be easily rigged. But I think that the following architecture would be safe:
1 internal users connect APEX listener somehow security team requires, come to APEX and maybe be identified using the internal IP address (range). To simulate the INVESTIGATION period should be difficult for external users.
2. external users connect APEX listener through a defined gateway, preferably a proxy. All future requests through this gateway would be considered external users.
You may add additional logic to the proxy, for example use something like 'mod_headers' in Apache HTTPD to add a page header to requests, so that you may identify as external users.
You could, of course, also put it the other Tower and allow internal users to use some proxy to enforce certain rules of IP based address, or perhaps a few additional references as authentication for access to the proxy (which again could be transparent user in AD-configuration, at least if you stick with IE).

You can easily implement the separation in your custom authentication process. But this architecture also allows some other compromise: even if someone does not trust your application logic to handle two types of application successfully, you can also use the proxy to enforce the specific call for an application id. Certainly you don't need to duplicate the infrastructure...
Most of the companies already have a proxy for external users, for example to activate SSL and to hide other internal resources, for load balancing,... so I think you just need to put some configuration of the existing infrastructure and end up needing no component additional. Even if there is no proxy and yet, it would be an element of very light weight, easy to handle.

So far, all this has nothing to do with the earpiece of the APEX. It's 'just' a web front-end for the instance of the APEX in the database. I wouldn't put a logic of network security in this service, but the split things upward front. The APEX listener can be patched to add some logic, but which was not supported.

I think that this would work and should be sufficient for most of the safety requirements.
If my picture was not painted understandable, let me know.

-Udo

In e-mails AOL, verification of the individual messages in the results of regular system in this error message: there was an error while loading the message. Please try again later.

In access to AOL e-mail via the full version, I can navigate my account (old messages, new messages, spam, etc.) very well, but when I try to open an individual email, I get this error message: "there was an error while loading the message. Please try again later. »

This is identical to a problem someone else was described in another thread... Unfortunately, nothing suggested you him seemed to work. I have BEEN cheated at the opening of a file attached to an e-mail immediately before this started, so I think it's a virus or something. IN ANY CASE... I AM able to open the messages when I use the basic version of AOL. Initially, the problem seemed to be in Firefox, but I tried with Internet Explorer now also and it's the same thing, and the basic version is accessible while the full version is still blocked.

On both browsers, after the error message, I can't even click on individual posts to TRY to open another, and there are a few not-very-right boxes and the x and the things that appear on the screen that do not belong.

Please tell me that you can not do that, go away... I tried uninstalling and reinstalling... Firefox who did not. I also enjoy McAffee, and that has not changed anything.

You can do a check of malware with several digitization programs of malicious software on the Windows computer.

Please scan with all programs, because each program detects a different malicious program.

All of these programs have free versions.

Make sure that you update each program to get the latest version of their databases before scanning.
- Malwarebytes' Anti-Malware:
  http://www.Malwarebytes.org/MBAM.php
- AdwCleaner:
  http://www.bleepingcomputer.com/download/adwcleaner/
  http://www.Softpedia.com/get/antivirus/removal-tools/AdwCleaner.shtml
- SuperAntispyware:
  http://www.SUPERAntiSpyware.com/
- Microsoft security scanner:
  http://www.Microsoft.com/security/scanner/en-us/default.aspx
- Windows Defender:
  http://Windows.Microsoft.com/en-us/Windows/using-Defender
- Spybot Search & Destroy:
  http://www.safer-networking.org/en/index.html
- Kasperky free Security Scan:
  http://www.Kaspersky.com/security-scan
Alternatively, you can write a check for an infection rootkit TDSSKiller.
- Utility anti-rootkit TDSSKiller:
  http://support.Kaspersky.com/5350?El=88446
See also:
- "Spyware on Windows": http://kb.mozillazine.org/Popups_not_blocked

You have exceeded the number of times you can ask a verification code. Please try again later

My email account is * address email is removed from the privacy * has been blocked as hotmail said it was use for spam and they asked to check if I'm using my other email that I already put in my profile, so I followed the steps, I managed to put my new password and the trusted pc but I failed to check the phone thing number as my browser chrome to Google gives me a 401 error whenver I put in my phone number, I could not even choose the options button and I continued this repetition for ten times up to what the system limit myself now to access or retrieve codes, I really need this account back please can someone they send me the code to my e-mail that I recorded with hotmail I use ie7 or mozilla to redo the process, anyone from hotmail can you please help me, I have all the codes in my other email they sent to but all do not work if you need I can send to you these codes and e-mail for verification, someone please help me I have a lot of vital information and schedule of legal aid to help those cases running in Malaysia

Hi WillyDebs,

When you use Windows Live Hotmail and the problem you posted is with Windows Live, so it would be better suited in the Windows Live community. Please visit the link below to find a community that will provide the best support.

Windows Live Solution Center Hotmail Portal

http://windowslivehelp.com/product.aspx?ProductID=1

I hope this helps.

Account blocked (again) Hotmail - have cell phone for verification

My email account keeps blocking.

E-mail address is removed from the privacy *.

I don't have a cell phone for verification, which

results by not being able to solve the problem

myself.

Any help would be greatly appreciated.

Thank you.

Hello

Answers is a peer group supported and unfortunately has no real influence on Hotmail.

HotMail has its own Forums, so you can ask your questions there.

Windows Live Solution Center - HotMail - HotMail Forums Solutions
http://windowslivehelp.com/

Hotmail - Forums
http://windowslivehelp.com/forums.aspx?ProductID=1

Hotmail - Solutions
http://windowslivehelp.com/solutions.aspx?ProductID=1

How to contact Windows Live Hotmail Support
http://email.about.com/od/hotmailtips/Qt/et_hotmail_supp.htm

Windows Live Hotmail Top issues and Support information
http://support.Microsoft.com/kb/316659/en-us

Compromised account - access unauthorized account - how to recover your account
http://windowslivehelp.com/solution.aspx?SolutionID=6ea0c7b3-1473-4176-b03f-145b951dcb41

Hotmail hacked? Take these steps
http://blogs.msdn.com/b/securitytipstalk/archive/2010/07/07/Hotmail-hacked-take-these-steps.aspx

I hope this helps.

If one already has 12 DBA OCP, so we cannot take OCA 12 DBA right? wouldn't this OCJA again go back

If we are already 12 DBA OCP, then I heard that we are not allowed to take the OCA 12 DBA.
Also this new certification OCJA looks like a designer certification, but this is a junior DBA certification.
It seems that we would go back.
Roger

If we are already 12 DBA OCP, then I heard that we are not allowed to take the OCA 12 DBA.

Ok. If you were an 11g OCP (specifically an Oracle Database 11g Administrator Certified Professional) and had to take the exam 1Z0-060, then you would * also * hold the credential of administrator Certified Professional 12 c Oracle database. You would not, however, the credentials of the Administrator Certified Associate of 12 c in Oracle database. If you wish, you can take the exam 1Z0-062 and at that time you would hold all the three powers OCP 11g, 12g OCP and 12 c OCA. The Oracle certification program does not prevent you to do this. In fact, I hold all three certifications... but only because I took 1Z0-062 while it was in beta before I took the exam 1Z0-060. I don't really see a point to come back and win the OCA 12 c, but you can if you wish.

Also this new certification OCJA looks like a designer certification, but this is a junior DBA certification.

OCJA certification is not part of the way s/n, so it's not really back going in this direction. I agree that it is a certification that would normally be the target of the people who had not yet obtained their 12 c OCA, OCP. I do not think that earn this certification in addition to the OCP 12 you would appear to be younger than you would without it. That said, if you don't think the themes during the test are those that it would be worth your time to study - you already know or because they are the ones that you do not have and will not - use then further consideration is unnecessary. I agree that it is a developer certification, and in fact, I have recommended a couple of days at Brandye they be moved to the section "database application development" the test of all the ads rather than the 'Oracle Database 12 c' section.

I already started to focus on the examination in the creation of a study guide for it. In part I find interesting review because my assistant developer really needs to understand these issues better than it does currently. I doubt that it is an isolated case. I also use in a real problem to find good sources of materials for a person to learn the information covered in this review. No manual Oracle do cover all of the content of the examination (Concepts covers a bit and the Guide SQL a bit). I can't find good books on Amazon for people to point.

In my opinion, it's a problem serious because a developer understand how to perform the tasks assigned to this review should be second nature. Because I can't find resources, I guess now they learn by practice or by mouth-to-a developer highest... who has probably learned by practice. I remember some of the courses at the College, but that shouldn't be the only developers that newly hatched place can learn these skills.

"You have exceeded the number of times you can ask a verification code. Try again later. »

I get this message throughout the day trying to access my account main hotmail, which has been blocked today for no apparent reason. I would like to know how long should I wait before a new attempt to access.

Hello

Answers is a peer group supported and unfortunately has no real influence on Hotmail.

HotMail has its own Forums, so you can ask your questions there.

Windows Live Solution Center - HotMail - HotMail Forums Solutions
http://windowslivehelp.com/

Hotmail - Forums
http://windowslivehelp.com/forums.aspx?ProductID=1

Hotmail - Solutions
http://windowslivehelp.com/solutions.aspx?ProductID=1

How to contact Windows Live Hotmail Support
http://email.about.com/od/hotmailtips/Qt/et_hotmail_supp.htm

Windows Live Hotmail Top issues and Support information
http://support.Microsoft.com/kb/316659/en-us

Compromised account - access unauthorized account - how to recover your account
http://windowslivehelp.com/solution.aspx?SolutionID=6ea0c7b3-1473-4176-b03f-145b951dcb41

Hotmail hacked? Take these steps
http://blogs.msdn.com/b/securitytipstalk/archive/2010/07/07/Hotmail-hacked-take-these-steps.aspx

I hope this helps.

Apple ID verification fails-cannot reset iPad

I am preparing an old iPad to sell and clear content and settings. Can not do (and cannot just reset or do anything), however, because when I get my Apple ID password verification fails.

Issue 1 - should be connected to wifi for me reset?

Question 2 - How can I connect if I'm in that right, and it is rejected? (I checked, Yes, it's the right Apple ID and password)

Hello PatsyKB51,

Thanks for this info and choosing the communities Support from Apple. I know how to reset this iPad is important to you! From what you said, it seems that you may have had a problem because the iPad is not connected to the internet. Good news is that you have a few options to fix this. First of all, you can connect your iPad Wi - Fi and then erase content and settings again. If it does not, while the iPad is on Wi - Fi, you can delete it thanks to find my iPhone feature iCloud.com:

iCloud: remove your device, Find My iPhone

You can also use iTunes on your Mac or PC to restore your iOS to factory settings software, as this process erases the information and settings on your device and install a new copy of the latest version of the iOS software.

Use iTunes on your Mac or PC to restore your iPhone, iPad or iPod to factory settings

See you soon!

MacBook: An error occurred during activation. Try again

HI, I use MBP and this problem has been persistent for more than 5 months now.

I'm on El Capitan version 10.11.6. I get the message "an error occurred during activation, try again" when I try to Sign In.

My Internet speed is ok, ok account password. Already connected to iCloud and App Store with the same password. IMessage + Facetime, I am not able to connect.

Help, please. Thank you

Using two-step verification or two-factor authentication? If so, you need passwords for specific app for FaceTime and Messages.

Passwords using specific app - Apple Support

If this is not the case, see this article. It is written for iOS, but if you translate the suggestions in other similar to OS X, it should solve your problem.

If you get an error when you try to activate FaceTime - Apple Support or iMessage

Too many attempts of incorrect verification

I answered the wrong questions in two attempts.

Later / again changed the questions and answers. To emergency email.

But whenever I try to enter new responses, this message appears...

Too many attempts of incorrect verification

You made too many attempts to answer your security questions. You can try again later or use your rescue email address to reset your security information.

Please I want a solution to this problem

Hello

If you are unable to reset your security questions, you will need to contact the Apple Support.

The information is available here:
- Contact Apple for assistance with the security of the Apple ID - Apple Support accounts
(I'm afraid that no one here can solve the problem for you.) You don't talk to Apple here - it is a community based on the user).

More information:

If you forgot the answers to your questions of security of Apple ID - Apple Support

On Mac with 2-step verification endless loop

I got a new Macbook and all is set up very well, but when I try to buy more storage iCloud, with it being a new computer it asks my password Apple ID, and once the entry not the usual verification code sent to your trusted device. My iPad and iPhone download the application, but the Mac screen never changes to allow to introduce the verification code. It simply says "enter your password followed by the verification sent to your trusted device code" - when I enter the password he repeats the loop, the sending of a new code of verification for both iPhone & iPad and Mac asks once again my password followed by verification code, but the box for verification code ever...

Try to do exactly what the message says "enter your password followed by the verification code sent to your device to trust"

for example, if your password is xyz and the verification code is 123456, type xyz123456 in the password box.

The newest 'two-step authentication' (not the most "two-step verification") requires that this method of entry on devices running older versions of the operating system. Not sure why this would be the case in your situation, but it's worth a try.

See quote below for Apple ID - Apple Support two factor authentication

If you use two-factor authentication with devices that are running older OS versions, you may be prompted to add your code at the end of your password when signing in. get your verification code to a device of confidence running iOS six-digit 9 or OS X El Capitan, or it make him trust phone number. Then type your followed six-digit verification code password directly in the password field.

How to disable the verification of all ssl - sec_error_ca_cert_invalid

Is it possible to disable SSL any verification of any sort in firefox?

I'm stuck with this error. (copied from another post) https://support.CDN.Mozilla.NET/media/uploads/images/2014-08-04-14-05-02-bc62ea.PNG

I already have mozillapkix to false. I don't want to import the self-signed certificates for all my servers in firefox. I also deal with "ssl broken", as strings of incomplete certificates, etc... on load balancers or other strange Machines.

I had a version of night who worked with mozillapkix set to false but looks like she auto-updated: (so it is now 33.0.2 and is more like my certificates self-signed again.) (Which reminds me that I have to disable auto-update if possible).

If there is no way to completely disable ssl checking in Firefox, there at - it a night build version or build version prior (I forgot what version this new ssl audit begins), I can use that will prevent this strict ssl audit (why there is no 'add exception' is still confused...)?

If it is a puzzle, you can use the Extended Support Release of Firefox 31 version. In my view, the preference to disable the use of PKIX still works in this version. You could test with the 'Portable Apps' version first before switching.

More information about ESR: http://www.mozilla.org/firefox/organizations/

Laptop (not official) to build for testing: http://portableapps.com/apps/internet/firefox-portable-esr (using his own local profile, get out your normal Firefox first)

My iPad has been verification of operating system update for more than 3 hours. Not able to do anything. Cannot cancel or turn off the power. Help please.

MY iPad has been verification of update of the new version of operating system for 3 hours. Unable on camel back or cut off the power supply. What should I do? o

Try a forced reboot. Hold down the Home and Sleep/Wake buttons at the same time for about 15 seconds, until the Apple logo appears.

Then go to settings > general > storage & use iCloud > manage storage (the first) > and if there is an update, delete. Then go to settings > general > Software Update and try again.

If that doesn't work, try updating through iTunes on your computer.

Why does my password verification system appear incomprehensible? and other issues (see photo)

System:

* MBP 13 "mid-2010

* Processor: 2.4 GHz Intel Core 2 Duo
* RAM: 4 GB 1067 MHz DDR3

* Graphics card: NVIDIA GeForce 320 M 256 MB

OSX Yosemite: Worm 10.10.5

-------------------
< hr >
(can I use html here?)

-------------------

Hello I had several problems this last week, my laptop started to break

1. the cycle of the battery number reached 1050, when it suddenly just stopped charging. Now the laptop will not work if it is not plugged in.
Isn't this kind of thing really case, it won't load at all and must be connected in order to be used as if a desktop computer?

2. the laptop has a hard time of commissioning. It will load up to 1/3 of the progress bar and then just stay there (Dim lights, visible mouse pointer)
I have to restart again and again all hoping that it starts properly.

3. I had a request to update flash earlier, and he didn't, I don't know why. This was also the first time I've seen verification of password became like this: http://imgur.com/Lhw7I7G

4. laptop a radically became slow and clumsy...

All this in the past week alone.

-------------------------

Of course, I realize my laptop is almost 6 years, but it was a hand for the College.

I have currently no plans to replace the battery because I plan to buy a new MBP 15 "last preference, in a month or two.
But for now, I'm stuck with this laptop. And I wish someone could help me to solve the problems of data above, and/or make the exclusion of the laptop until then.

Start now the command R keys (or command R option)

Recovery http://support.apple.com/kb/HT4718

use the menu utilities > disk utility > first aid on your Macintosh hard drive

DBA verification again?

Similar Questions

Maybe you are looking for