053 第500題
500.You opened the encryption wallet and then issued the following command:
SQL>CREATE TABLESPACE securespace
DATAFILE ‘/home/user/oradata/secure01.dbf‘
SIZE 150M
ENCRYPTION USING ‘3DES168‘
DEFAULT STORAGE(ENCRYPT);
Then you closed the wallet. Later, you issued the following command to create the EMPLOYEES table in
the SECURESPACE tablespace and you use the NO SALT option for the EMPID column.
What is the outcome?
A. It creates the table and encrypts the data in it.
B. It generates an error because the wallet is closed.
C. It creates the table but does not encrypt the data in it.
D. It generates an error because the NO SALT option cannot be used with the ENCRYPT option.
Answer:
Use this clause to specify the encryption properties of the tablespace. This clause does not actually encrypt the tablespace.
You must also specify theENCRYPT
keyword
as part of the DEFAULT
storage_clause
in
this statement in order for the tablespace to be encrypted. In addition, you must already have used
ALTER
SYSTEM
SET
ENCRYPTION
WALLET
OPEN
IDENTIFIED
BY
...
to load the TDE master key into database memory for the duration of the instance, or establish a connection to the HSM to send the encrypted table and tablespace keys to the HSM and receive them back decrypted.
SALT | NO SALT Specify SALT
Specify NO
SALT
to
prevent the database from appending salt to the clear text of the column before encrypting it.
The following considerations apply when specifying SALT
or NO
SALT
for
encrypted columns:
-
If you want to use the column as an index key, then you must specify
NO
SALT
. Refer to Oracle Database Advanced Security Administrator‘s Guide for a description of "salt" in this context. -
If you specify table compression for the table, then the database does not compress the data in encrypted columns with
SALT
.
You cannot specify SALT
or NO
SALT
for
LOB encryption.
實驗
SQL> CREATE TABLESPACE securespace
2 datafile ‘E:\oradata\test\secures01.dbf‘
3 SIZE 150M
4 ENCRYPTION USING ‘3DES168‘
5 DEFAULT STORAGE(ENCRYPT);
CREATE TABLESPACE securespace
*
第 1 行出現錯誤:
ORA-28365: Wallet 未打開
053 第500題