To: Eng Abdirashiid yuusuf

From: xasan maxamed cali 320

A1.A quota is a limit on the amount of space the user’s database objects can occupy within the table
space. If a user attempts to create a database object that exceeds that user ’ s quota for that table
space,

A2.Call-level usage limits are identified as follows:

1. Logical_reads_per_call: The maximum number of disk I/O block reads that can be executed in support
of the user’s processing in one session.

2. Cpu_per_call the maximum allowed CPU time in 1/100 seconds that any individual operation in a user
session can use.

A3.Two object privilege are:

1. Select Permits the grantee of this object privilege to access the data in a table, sequence, view,
or snapshot.
2. Update Permits the grantee of this object privilege to update data into a table or view.

A4. Any privilege that can be granted can also be audited. However, since there are nearly 100 system
and object privileges that can be granted on the Oracle database, the creation of an audit statement can
be an excessively long task. Oracle allows the administrator to specify the name of an object to audit,
and Oracle will audit all privileged operations.

A5. Guidelines for user account

 Use a standard password for user creation, such as 123abc or first1, and use password expire to
force users to change this password to something else the first time they log into Oracle.
 Avoid OS authentication unless all your users will access Oracle while connected directly to the
machine hosting your database
 Be sure to always assign temporary table space and default tables pace to users.

A6. Note dropping user account

As users come and go, their access should be modified to reflect their departure. To drop a user from
the database, you execute the drop user statement. If a user has created database objects, the user
cannot be dropped until the objects are dropped, as well. In order to drop the user and all related
database objects in one fell swoop, Oracle provides the cascade option. DROP USER Psu CASCADE;

Part B

A1. Creating new data base User

One of the primary tasks early on in the creation of a new database is adding new users. However, user
creation is an ongoing task. As users enter and leave the organization, so too must the DBA keep track of
access to the database granted to those users. When using Oracle’s own database authentication
method, new users are created with the create user.
A2.

o Monitoring information about existing users

The DBA may periodically want to monitor information about users. Several data dictionary views may
be used for the purpose of obtaining information about users. Some information a DBA may want to
collect includes default and temporary tablespace information, objects created by that user, and what
the current accountstatus for that user account is.

o Altering and Dropping Existing users

Once a user is created, there are a few reasons you ’ll need to modify that user. One is to expire the
password if a user forgets it, so that the next time the user logs in, the password can be changed by the
user. The alter user identified by statement is used to change the user ’ s password:

• ALTER USER Psu IDENTIFIED BY forgot password

A3. Methods of administering passwords using profiles

 account locking,
 password aging and expiration,
 password history
 Password complexity requirements.

A4.

There are two categories of privileges, and the first is system privileges.

System privileges control the creation and maintenance of many database objects, such as rollback
segments(before images changes, used to undo changes when transaction is rolledback),
synonyms(alternate name for table…), tables, and triggers.

ADMIN FUNCTIONS

•These privileges relate to activities typically reserved for and performed by the DBA. Privileges include
alter system, audit system, audit any, alter database, analyze any, sysdba, sysoper, and grant any
privilege.

A5. Grant and Revoke privilege

You can GRANT and REVOKE privileges on various database objects in Oracle. We'll first look at how to
grant and revoke privileges on tables and then how to grant and revoke privileges on functions and
procedures in Oracle.

You can grant users various privileges to tables. These privileges can be any combination of SELECT,
INSERT, UPDATE, DELETE, REFERENCES, ALTER, INDEX, or ALL.
A6 . (I)Administrive profile is a named set of resource limits and password parameters that restrict
database usage and instance resources for a user. SQL statements used for managing profiles, which are
ALTER PROFILE, CREATE PROFILE, and DROP PROFILE
(II)Profiles to ControlResource Use •A special user profile exists in Oracle at database creation called
DEFAULT. If no

profile is assigned with the profile clause of the create user statement, the

DEFAULT profile is assigned to that use

7. CREATE USER bar IDENTIFIED BY abcd1234

QUOTA 5m ON users;

ALTER ANY USER permission;

GRANT CREATE SESSION, CREATE TABLE TO bar;

DROP USER bar CASCADE;

8. supports GRANT and REVOKE statements to control user access to database objects—for example,
GRANT and REVOKE, GRANT (Table) and REVOKE (Table), and so on. Typically, a superuser creates users
and roles shortly after creating the database, and then uses GRANT statements to assign them
privileges.