Oracle
1Z0-052 · Question #21
1Z0-052 Question #21: Real Exam Question with Answer & Explanation
The correct answer is A: The command executes successfully. SL_REP can grant SELECT on SCOTT's EMP table because SL_REP holds the GRANT ANY OBJECT PRIVILEGE system privilege, which allows granting object privileges on any schema object regardless of ownership.
Administering User Security
Question
View the Exhibit and examine the privileges granted to the SL_REP user. The EMP table is owned by the SCOTT user. The SL_REP user executes the following command: SQL> GRANT SELECT ON scott.emp TO hr; Which statement describes the outcome of the command?
Exhibit
Options
- AThe command executes successfully
- BThe command produces an error because the EMP table is owned by SCOTT
- CThe command produces an error because SL_REP has the GRANT ANY OBJECT PRIVILEGE
- DThe command produces an error because SL_REP does not have the SELECT privilege with
Explanation
SL_REP can grant SELECT on SCOTT's EMP table because SL_REP holds the GRANT ANY OBJECT PRIVILEGE system privilege, which allows granting object privileges on any schema object regardless of ownership.
Common mistakes.
- B. Ownership of the table is irrelevant when the granting user holds GRANT ANY OBJECT PRIVILEGE, which overrides the normal ownership requirement for granting privileges.
- C. Having GRANT ANY OBJECT PRIVILEGE is precisely what enables the command to succeed, not a cause for failure - it is a valid system-level authorization.
- D. SL_REP does not need the SELECT privilege WITH GRANT OPTION because GRANT ANY OBJECT PRIVILEGE provides a broader system-level right to grant object privileges on any object in any schema.
Concept tested. GRANT ANY OBJECT PRIVILEGE system privilege in Oracle
Reference. https://docs.oracle.com/en/database/oracle/oracle-database/19/sqlrf/GRANT.html
Topics
#GRANT ANY OBJECT PRIVILEGE#object privileges#privilege delegation#WITH GRANT OPTION
Community Discussion
No community discussion yet for this question.