21) Assigning an application role to be a member of a
Catalog group creates complex group inheritance and maintenance situations and
is not considered a best practice.
22)
You use ________ in the Oracle BI Administration Tool to manage
permissions for application roles, and set access privileges for objects such
as subject areas and tables.
Ans) you use Identity Manager in the Oracle BI
Administration Tool to manage permissions for application roles, and set access
privileges for objects such as subject areas and tables.
23) Modify parameter in
FMW_UPDATE_ROLE_AND_USER_REF_GUIDS parameter in
Ans) NQSConfig.INI:
24) The default application roles are BI Administrator,
BI Consumer, and BI Author.
25) When a user acts as proxy user for a target user,
which mode of access allows only read only access to the target user's objects?
Ans) The
following list describes the proxy levels:
·
Restricted — Permissions are read-only to the objects to which the
target user has access. Privileges are determined by the proxy user's account
(not the target user's account).
For example, suppose a proxy user has not been assigned the Access to Answers privilege, and
the target user has. When the proxy user is acting as
the target user, the target user cannot access
Answers.
·
Full — Permissions and privileges are inherited from the
target user's account.
26) If a user belongs to two application roles or Catalog
groups and both are granted permissions (neither denied), then the most
restrictive permissions are given to the user.
Ans) false
27) If a user belongs to two application roles or Catalog
groups and both are granted permissions, then the least restrictive permissions
are given to the user. The exception to this is if one of the two
application roles or Catalog groups is explicitly denied the permissions, in
which case the user is denied.
28) If you log in to the Administration Tool in online
mode, then you can view all users from the Web Logic Server. If you log in to
the Administration Tool in offline mode, then you can only view users that are
stored in the repository.
Ans) true
29) True or False: You cannot disable the Web Logic
Server LDAP as an authenticator as it is required in case other authenticators
fail.
Ans) false
Note:
You may have your own LDAP directory (for example Oracle Internet Directory)
that you may want to use as the default authenticator, and disable the Web Logic
Server default authenticator. Having a single source authentication provider
prevents user names and passwords being derived from multiple authentication
sources, which could lead to multiple points of attack, or entry from unauthorized
users.
30) When configuring an alternate authentication
provider, setting the Control Flag to this value means the Login Module need
not succeed. If it does succeed, return control to the application. If it fails
and other Authentication providers are configured, authentication proceeds down
the Login Module list.
Ans) SUFFICIENT:
This Login Module need not succeed. If it does succeed, return control to the
application. If it fails and other Authentication providers are configured,
authentication proceeds down the Login Module list.
31) True or False: database authentication for OBIEE 11g
is based on database user accounts.
Ans) false
Note: A suitable database schema containing the users,
credentials and groups required for authentication, must be accessible from the
Web Logic Server on which Oracle BI EE is running.
32) OPSS is the underlying platform on which the Oracle
Fusion Middleware security framework is built. What does OPSS stand
for?
Ans) Oracle Platform Security Services (OPSS) is the underlying
platform on which the Oracle Fusion Middleware security framework is built.
33) True or False: In Oracle Business Intelligence
Release 11g the entire repository is encrypted using
a key derived from a user supplied password.
Ans) true
34) In Oracle Business Intelligence Release 11g the
entire repository is encrypted using a key derived from a user supplied
password.
Note: A Release 11g repository can only be opened with
the password. There is no mechanism for recovering a lost password.
35) If you want to enable user Fred to perform BIAuthors
and BI Administrator duties, you might create a new ________ called BI Manager,
which has both BIAuthors privileges and BI Administrators privileges
Ans) if
you want to enable user Fred to perform BIAuthors and BI Administrator duties,
you might create a new application role called BI Manager, which has both
BIAuthors privileges and BI Administrators privileges
36) True or False: The BI System Role must exist (with
the BI Administrator role), for Oracle Business Intelligence to function
correctly.
Ans) True.
Note: The BI System Role must exist (with the
BIAdministrator role), for Oracle Business Intelligence to function correctly.
37) To use a database as the authentication provider, you
must set up a __________________
Ans: SQLAuthenticator
38) True or False: Explicitly denying
a Presentation Services privilege takes precedence over user access rights
either granted or inherited as a result of group or application role hierarchy.
Ans:
True
39) Presentation Services privileges can be granted to
users both explicitly and by inheritance. However, explicitly denying a
Presentation Services privilege takes precedence over user access rights either
granted or inherited as a result of group or application role hierarchy.
40) The Oracle Business Intelligence default credential
store is file-based, also known as being wallet-based,
and is represented by the file _____
Ans) the Oracle Business Intelligence default
credential store is file-based, also known as being wallet-based, and is
represented by the file cwallet.sso.
41) To enable high availability of the default embedded
Oracle WebLogic Server LDAP identity store in a clustered environment, you
configure the _______ attribute.
Ans) to enable high availability of the default embedded
Oracle WebLogic Server LDAP identity store in a clustered environment, you
configure the virtualize attribute. When you set the virtualize attribute value
to true, Managed servers are able to use a copy of the embedded default Oracle
WebLogic Server LDAP identity store.
42) If you are deploying the default Policy Store, then
Oracle recommends that you make a copy of the original ________ policy file and
place it in a safe location.
Ans) system-jazn-data.xml
Ans) Oracle WebLogic Server Administration Console: LDAP Server
Oracle Fusion Middleware Control: Policy Store, Credential Store
Oracle BI Administration Tool: RPD
Presentation Services Administration: Web catalog
Oracle Fusion Middleware Control: Policy Store, Credential Store
Oracle BI Administration Tool: RPD
Presentation Services Administration: Web catalog
No comments:
Post a Comment