代码改变世界

1Z0-053 争议题目解析304

2016-03-11 16:18  AlfredZhao  阅读(533)  评论(0编辑  收藏  举报

1Z0-053 争议题目解析304

考试科目:1Z0-053
题库版本:V13.02

题库中原题为:

304.What privileges must be granted to allow an account to create the recovery catalog? (Choose all that
apply.)
A. RECOVERY_CATALOG_OWNER
B. DBA
C. RESOURCE
D. SELECT ANY DICTIONARY
E. CONNECT
Answer: AC

争议点:
题库答案是AC。
网上争议,只有A,或者ACE。
实际上,只赋予RECOVERY_CATALOG_OWNER角色是可以的。
也就是说RESOURCE和CONNECT角色都不是必须的。
此题如果是单选题,那么无疑就是A,
但是此题作为多选题的话,歧义就比较大了,选择AC或者ACE都不能说是不对。

让我们来看下RECOVERY_CATALOG_OWNER角色的权限:

SQL> create user xxx identified by xxx;

User created.

SQL> grant RECOVERY_CATALOG_OWNER to xxx;

Grant succeeded.

SQL> conn xxx/xxx
Connected.
SQL> select * from user_role_privs;

USERNAME                       GRANTED_ROLE                   ADM DEF OS_
------------------------------ ------------------------------ --- --- ---
XXX                            RECOVERY_CATALOG_OWNER         NO  YES NO

SQL> select * from role_sys_privs;

ROLE                           PRIVILEGE                                ADM
------------------------------ ---------------------------------------- ---
RECOVERY_CATALOG_OWNER         CREATE SYNONYM                           NO
RECOVERY_CATALOG_OWNER         CREATE CLUSTER                           NO
RECOVERY_CATALOG_OWNER         ALTER SESSION                            NO
RECOVERY_CATALOG_OWNER         CREATE DATABASE LINK                     NO
RECOVERY_CATALOG_OWNER         CREATE SESSION                           NO
RECOVERY_CATALOG_OWNER         CREATE TABLE                             NO
RECOVERY_CATALOG_OWNER         CREATE SEQUENCE                          NO
RECOVERY_CATALOG_OWNER         CREATE PROCEDURE                         NO
RECOVERY_CATALOG_OWNER         CREATE VIEW                              NO
RECOVERY_CATALOG_OWNER         CREATE TYPE                              NO
RECOVERY_CATALOG_OWNER         CREATE TRIGGER                           NO

11 rows selected.

再来看下connect, resource角色的权限:

SQL> create user yyy identified by yyy;

User created.

SQL> grant connect, resource to yyy;

Grant succeeded.

SQL> conn yyy/yyy
Connected.
SQL>  select * from role_sys_privs;

ROLE                           PRIVILEGE                                ADM
------------------------------ ---------------------------------------- ---
RESOURCE                       CREATE SEQUENCE                          NO
RESOURCE                       CREATE TRIGGER                           NO
RESOURCE                       CREATE CLUSTER                           NO
RESOURCE                       CREATE PROCEDURE                         NO
RESOURCE                       CREATE TYPE                              NO
CONNECT                        CREATE SESSION                           NO
RESOURCE                       CREATE OPERATOR                          NO
RESOURCE                       CREATE TABLE                             NO
RESOURCE                       CREATE INDEXTYPE                         NO

9 rows selected.

确定,RECOVERY_CATALOG_OWNER角色完全包含了connect角色的权限,不完全包含resource的权限。

初步结论:
保留争议,暂时遵循题库答案,选择AC。