Index

A B C D E F G H I J L M N O P Q R S T U V W X

A

about 1
access control policy
- reports
  - Core Database Vault Audit Report 1
Access to Sensitive Objects Report 1
accounts
- See: database accounts
Accounts With DBA Roles Report 1
Accounts with SYSDBA/SYSOPER Privilege Report 1
ad hoc tools
- preventing use of 1
administrators
- DBA operations in Oracle Database Vault 1
- restricting different types 1
ADRCI utility
- Database Vault 1
alerts
- email alert in rule set 1
- Enterprise Manager Cloud Control 1
ALTER ROLE statement
- monitoring 1
ALTER SESSION command rules 1, 2
- about 1
ALTER SESSION event command rules
- creating 1
- updating 1
ALTER SESSION privilege
- enabling trace files 1
- reports, ALTER SYSTEM or ALTER SESSION Report 1
ALTER SESSION statement
- guidelines on managing privileges 1
ALTER SYSTEM command rules
- deleting system event command rules 1
ALTER SYSTEM event command rules
- creating 1
- updating 1
ALTER SYSTEM or ALTER SESSION Report 1
ALTER SYSTEM privilege
- reports, ALTER SYSTEM or ALTER SESSION Report 1
ALTER SYSTEM statement
- guidelines on managing privileges 1
ALTER USER statement
- monitoring 1
ANY System Privileges for Database Accounts Report 1
AUDIT_SYS_OPERATIONS initialization parameter 1
AUDIT_TRAIL$ system table
- affected by AUDIT_TRAIL initialization parameter 1
- archiving 1
- format 1
- purging 1
auditing
- about 1
- archiving Database Vault audit trail 1
  - about 1
- Core Database Audit Report 1
- DBMS_MACUTL fields 1
- factors
  - options 1
- intruders
  - using factors 1
- Oracle Database audit settings 1
- purging Database Vault audit trail 1
  - about 1
- realms
  - DBMS_MACUTL fields 1
  - options 1
- reports 1
- rule sets
  - DBMS_MACUTL fields 1
  - options 1
- secure application roles
  - audit records 1
auditing policies
- about 1
- audit events
  - about 1
- custom events
  - audit trail 1
- events that are tracked 1
- monitoring changes to 1
audit policy change
- monitoring 1
AUDIT privilege 1
AUDIT Privileges Report 1
AUDSYS.DV$CONFIGURATION_AUDIT view 1
AUDSYS.DV$ENFORCEMENT_AUDIT view 1
authentication
- Authentication_Method default factor 1
- command rules 1
- method, finding with DVF.F$AUTHENTICATION_METHOD 1
- realm procedures 1
authorizations
- Oracle Data Pump activities 1
- realms 1
- scheduling database jobs 1
AUTHORIZE_MAINTENANCE_USER procedure 1
authorized user added to realm 1
authorized user removed from realm 1

B

backup accounts 1
BECOME USER Report 1
BECOME USER system privilege
- about 1
break-glass accounts
- See: backup accounts
break-glass protocol 1

C

catalog-based roles 1
CDB_DV_STATUS view 1
CDBs
- Database Vault operations control 1
- functionality in Oracle Database Vault 1
- realms 1
  - authorizations 1
- rule sets 1
CDBS
- PDB access by infrastructure DBAs 1
client identifiers
- function to return 1
clients
- finding IP address with DVF.F$CLIENT_IP 1
code groups
- retrieving value with DBMS_MACUTL functions 1
Command Rule Audit Report 1
command rule changed while original command control enabled 1
Command Rule Configuration Issues Report 1
command rules 1, 2, 3
- See also: rule sets
- about 1
- creating 1
- data dictionary view 1
- data masking 1
- default command rules 1
- deleting 1
- editing 1
- functions
  - DBMS_MACUTL (utility) 1
- guidelines 1
- how command rules work 1
- modifying enablement status 1
- objects
  - name 1
  - owner 1
- performance effect 1
- procedures
  - DBMS_MACADM (configuration) 1
- process flow 1
- propagating configuration to other databases 1
- reports 1
- rule sets
  - selecting 1
  - used with 1
- simulation mode 1
- troubleshooting
  - with auditing report 1
- tutorial 1
- views 1, 2
- with PDBs 1
compliance
- Oracle Database Vault addressing 1
computer name
- finding with DVF.F$MACHINE 1
- Machine default factor 1
configuration
- monitoring changes 1
- views
  - AUDSYS.DV$CONFIGURATION_AUDIT 1
  - DVSYS.DV$CONFIGURATION_AUDIT 1
  - DVSYS.DV$ENFORCEMENT_AUDIT 1
CONFIGURE_DV procedure
- about 1
- registering Database Vault with 1, 2, 3
CONNECT command rules
- about 1
- example 1
CONNECT events, controlling with command rules 1
core database
- troubleshooting with Core Database Vault Audit Report 1
Core Database Audit Report 1
Core Database Vault Audit Trail Report 1
CPU_PER_SESSION resource profile 1
CREATE ANY JOB privilege 1
CREATE ANY JOB statement
- guidelines on managing privileges 1
CREATE EXTERNAL JOB privilege 1
CREATE JOB privilege 1
CREATE JOB statement
- guidelines on managing privileges 1
CREATE ROLE statement
- monitoring 1
CREATE USER statement
- monitoring 1
CTXSYS schema realm protection 1

D

Database Account Default Password Report 1
database accounts
- backup DV_OWNER and DV_ACCTMGR 1
- configuring Database Vault accounts as enterprise users 1
- counting privileges of 1
- DBSNMP
  - changing password 1
  - granted DV_MONITOR role 1
- DVSYS 1
- LBACSYS 1
- monitoring 1
- reports
  - Accounts With DBA Roles Report 1
  - ALTER SYSTEM or ALTER SESSION Report 1
  - ANY System Privileges for Database Accounts Report 1
  - AUDIT Privileges Report 1
  - BECOME USER Report 1
  - Database Account Default Password Report 1
  - Database Account Status Report 1
  - Database Accounts With Catalog Roles Report 1
  - Direct and Indirect System Privileges By Database Account Report 1
  - Direct Object Privileges Report 1
  - Direct System Privileges By Database Account Report 1
  - Hierarchical System Privileges by Database Account Report 1
  - Object Access By PUBLIC Report 1
  - Object Access Not By PUBLIC Report 1
  - OS Security Vulnerability Privileges 1
  - Password History Access Report 1
  - Privileges Distribution By Grantee, Owner, Privilege Report 1
  - Privileges Distribution By Grantee, Owner Report 1
  - Privileges Distribution By Grantee Report 1
  - Roles/Accounts That Have a Given Role Report 1
  - Security Policy Exemption Report 1
  - WITH ADMIN Privilege Grants Report 1
  - WITH GRANT Privileges Report 1
- solution for lockouts 1
- suggested 1
Database Account Status Report 1
Database Accounts With Catalog Roles Report 1
database administrative operations 1
database domains, Database_Domain default factor 1
database links
- function to return information about 1
database objects 1
- See also: objects
- Oracle Database Vault 1
- reports
  - Object Dependencies Report 1
database options, installing 1
database roles
- about 1
- counting privileges of 1
- default Oracle Database Vault 1
- DV_ACCTMGR
  - about 1
- DV_ADMIN 1
- DV_AUDIT_CLEANUP 1
- DV_DATAPUMP_NETWORK_LINK 1
- DV_GOLDENGATE_ADMIN 1
- DV_GOLDENGATE_REDO_ACCESS 1
- DV_MONITOR 1
- DV_OWNER 1
- DV_PATCH_ADMIN 1
- DV_POLICY_OWNER 1
- DV_PUBLIC 1
- DV_REALM_OWNER 1
- DV_REALM_RESOURCE 1
- DV_SECANALYST 1
- DV_XSTREAM_ADMIN 1
- enabled, determining with ROLE_IS_ENABLED 1
- granting Database Vault roles to users 1
- monitoring 1
- Oracle Database Vault, default 1
- reports
  - Accounts With DBA Roles Report 1
  - ALTER SYSTEM or ALTER SESSION Report 1
  - AUDIT Privileges Report 1
  - BECOME USER Report 1
  - Database Accounts With Catalog Roles Report 1
  - OS Security Vulnerability Privileges 1
  - Privileges Distribution By Grantee Report 1
  - Roles/Accounts That Have a Given Role Report 1
  - Security Policy Exemption Report 1
  - WITH ADMIN Privilege Grants Report 1
- separation of duty enforcement 1
databases
- defined with factors 1
- domain, Domain default factor 1
- event monitoring 1
- grouped schemas
  - See realms 1
- host names, Database_Hostname default factor 1
- instance, retrieving information with functions 1
- instances
  - Database_Instance default factor 1
  - names, finding with DVF.F$DATABASE_INSTANCE 1
  - number, finding with DV_INSTANCE_NUM 1
- IP addresses
  - Database_IP default factor 1
  - retrieving with DVF.F$DATABASE_IP 1
- monitoring events 1
- names
  - Database_Name default factor 1
  - retrieving with DV_DATABASE_NAME 1
  - retrieving with DVF.F$DATABASE_NAME 1
- parameters
  - Security Related Database Parameters Report 1
- roles that do not exist 1
- schema creation, finding with DVF.F$IDENTIFICATION_TYPE 1
- schema creation, Identification_Type default factor 1
- user name, Session_User default factor 1
database sessions 1
- controlling with Allow Sessions default rule set 1
- factor evaluation 1
- session user name, Proxy_User default factor 1
Database Vault
- See: Oracle Database Vault
- MACADM procedure for deleting operations exception 1
Database Vault Account Management realm 1
Database Vault command rule protections 1
Database Vault operations control
- adding users and packages to exception list 1
- deleting users and packages from exception list 1
- disabling 1
- enabling 1
- MACADM procedure enabling operations control 1
- MACADM procedure for adding operations exception 1
- MACADM procedure for disabling operations control 1
Database Vault realm protection 1
Database Vault realm protections 1
data definition language (DDL)
- statement
  - controlling with command rules 1
Data Definition Language (DDL) statements
- Database Vault authorization
  - DBA_DV_DDL_AUTH view 1
  - granting 1
  - revoking 1
Data Dictionary realm
- data masking 1
data manipulation language (DML)
- statement
  - checking with DBMS_MACUTL.CHECK_DVSYS_DML_ALLOWED function 1
  - controlling with command rules 1
data masking
- about 1
- adding users to realms for 1
- creating command rule for 1
- errors that can appear 1
data Oracle Database Vault recognizes
- See: factors
DBA_DV_APP_EXCEPTION view 1
DBA_DV_CODE view 1
DBA_DV_COMMAND_RULE view 1, 2
DBA_DV_DATAPUMP_AUTH view 1
DBA_DV_DBCAPTURE_AUTH view 1
DBA_DV_DBREPLAY_AUTH view 1
DBA_DV_DDL_AUTH view 1
DBA_DV_DICTIONARY_ACCTS view 1
DBA_DV_FACTOR_LINK 1
DBA_DV_FACTOR_LINK view 1
DBA_DV_FACTOR_TYPE view 1
DBA_DV_FACTOR view 1
DBA_DV_IDENTITY_MAP view 1
DBA_DV_IDENTITY view 1
DBA_DV_JOB_AUTH view 1
DBA_DV_MAC_POLICY_FACTOR view 1
DBA_DV_MAC_POLICY view 1
DBA_DV_MAINTENANCE_AUTH view 1
DBA_DV_ORADEBUG view 1
DBA_DV_PATCH_ADMIN_AUDIT view 1
DBA_DV_POLICY_LABEL view 1
DBA_DV_POLICY_OBJECT view 1
DBA_DV_POLICY_OWNER view 1
DBA_DV_POLICY view 1
DBA_DV_PREPROCESSOR_AUTH view 1
DBA_DV_PROXY_AUTH view 1
DBA_DV_PUB_PRIVS view 1
DBA_DV_REALM_AUTH view 1
DBA_DV_REALM_OBJECT view 1
DBA_DV_REALM view 1
DBA_DV_ROLE view 1
DBA_DV_RULE_SET_RULE view 1
DBA_DV_RULE_SET view 1
DBA_DV_RULE view 1
DBA_DV_SIMULATION_LOG view 1
DBA_DV_STATUS view 1
DBA_DV_TTS_AUTH view 1
DBA_DV_USER_PRIVS_ALL view 1
DBA_DV_USER_PRIVS view 1
DBA_USERS_WITH_DEFPWD data dictionary view
- access to in Oracle Database Vault 1
DBA role
- impact of Oracle Database Vault installation 1
DBMS_FILE_TRANSFER package, guidelines on managing 1
DBMS_MACADM.ADD_APP_EXCEPTION procedure 1
DBMS_MACADM.ADD_AUTH_TO_REALM procedure 1
DBMS_MACADM.ADD_CMD_RULE_TO_POLICY procedure 1, 2
DBMS_MACADM.ADD_FACTOR_LINK procedure 1
DBMS_MACADM.ADD_NLS_DATA
- procedure 1
DBMS_MACADM.ADD_NLS_DATA procedure 1
DBMS_MACADM.ADD_OBJECT_TO_REALM procedure 1
DBMS_MACADM.ADD_OWNER_TO_POLICY procedure 1
DBMS_MACADM.ADD_POLICY_FACTOR procedure 1
DBMS_MACADM.ADD_REALM_TO_POLICY procedure 1
DBMS_MACADM.ADD_RULE_TO_RULE_SET procedure 1
DBMS_MACADM.ASSIGN_ROLE procedure 1
DBMS_MACADM.AUTHORIZE_DATAPUMP_USER procedure 1, 2
DBMS_MACADM.AUTHORIZE_DBCAPTURE procedure 1
DBMS_MACADM.AUTHORIZE_DBREPLAY procedure 1
DBMS_MACADM.AUTHORIZE_DDL procedure 1
DBMS_MACADM.AUTHORIZE_PREPROCESSOR procedure 1
DBMS_MACADM.AUTHORIZE_PROXY_USER procedure 1
DBMS_MACADM.AUTHORIZE_SCHEDULER_USER procedure 1
DBMS_MACADM.AUTHORIZE_TTS_USER procedure 1
DBMS_MACADM.CHANGE_IDENTITY_FACTOR procedure 1
DBMS_MACADM.CHANGE_IDENTITY_VALUE procedure 1
DBMS_MACADM.CREATE_COMMAND_RULE procedure 1
DBMS_MACADM.CREATE_CONNECT_COMMAND_RULE procedure 1
DBMS_MACADM.CREATE_DOMAIN_IDENTITY procedure 1
DBMS_MACADM.CREATE_FACTOR_TYPE procedure 1
DBMS_MACADM.CREATE_FACTOR procedure 1
DBMS_MACADM.CREATE_IDENTITY_MAP procedure 1
DBMS_MACADM.CREATE_IDENTITY procedure 1
DBMS_MACADM.CREATE_MAC_POLICY procedure 1
DBMS_MACADM.CREATE_POLICY_LABEL procedure 1
DBMS_MACADM.CREATE_POLICY procedure 1
DBMS_MACADM.CREATE_REALM procedure 1
DBMS_MACADM.CREATE_ROLE procedure 1
DBMS_MACADM.CREATE_RULE_SET procedure 1
DBMS_MACADM.CREATE_RULE procedure 1
DBMS_MACADM.CREATE_SESSION_EVENT_CMD_RULE procedure 1
DBMS_MACADM.CREATE_SYSTEM_EVENT_CMD_RULE procedure 1
DBMS_MACADM.DELETE_APP_EXCEPTION procedure 1
DBMS_MACADM.DELETE_AUTH_FROM_REALM procedure 1
DBMS_MACADM.DELETE_COMMAND_RULE procedure 1
DBMS_MACADM.DELETE_CONNECT_COMMAND_RULE procedure 1
DBMS_MACADM.DELETE_FACTOR_LINK procedure 1
DBMS_MACADM.DELETE_FACTOR_TYPE procedure 1
DBMS_MACADM.DELETE_FACTOR procedure 1
DBMS_MACADM.DELETE_IDENTITY_MAP procedure 1
DBMS_MACADM.DELETE_IDENTITY procedure 1
DBMS_MACADM.DELETE_MAC_POLICY_CASCADE procedure 1
DBMS_MACADM.DELETE_OBJECT_FROM_REALM procedure 1
DBMS_MACADM.DELETE_OWNER_FROM_POLICY procedure 1
DBMS_MACADM.DELETE_POLICY_FACTOR procedure 1
DBMS_MACADM.DELETE_POLICY_LABEL procedure 1
DBMS_MACADM.DELETE_REALM_CASCADE procedure 1
DBMS_MACADM.DELETE_REALM_FROM_POLICY procedure 1
DBMS_MACADM.DELETE_REALM procedure 1
DBMS_MACADM.DELETE_ROLE procedure 1
DBMS_MACADM.DELETE_RULE_FROM_RULE_SET procedure 1
DBMS_MACADM.DELETE_RULE_SET procedure 1
DBMS_MACADM.DELETE_RULE procedure 1
DBMS_MACADM.DELETE_SESSION_EVENT_CMD_RULE procedure 1
DBMS_MACADM.DELETE_SYSTEM_EVENT_CMD_RULE procedure 1
DBMS_MACADM.DISABLE_APP_PROTECTION procedure 1
DBMS_MACADM.DISABLE_DV_DICTIONARY_ACCTS procedure 1
DBMS_MACADM.DISABLE_DV_PATCH_ADMIN_AUDIT procedure 1
DBMS_MACADM.DISABLE_DV procedure 1
DBMS_MACADM.DISABLE_ORADEBUG procedure 1
DBMS_MACADM.DROP_DOMAIN_IDENTITY procedure 1
DBMS_MACADM.DROP_POLICY procedure 1
DBMS_MACADM.ENABLE_DV_DICTIONARY_ACCTS procedure 1
DBMS_MACADM.ENABLE_DV procedure
- about 1
- registering Database Vault with 1, 2, 3, 4
DBMS_MACADM.ENABLE_ORADEBUG procedure 1
DBMS_MACADM.ENSABLE_DV_PATCH_ADMIN_AUDIT procedure 1
DBMS_MACADM.GET_INSTANCE_INFO function 1
DBMS_MACADM.GET_SESSION_INFO function 1
DBMS_MACADM.RENAME_FACTOR_TYPE procedure 1
DBMS_MACADM.RENAME_FACTOR procedure 1
DBMS_MACADM.RENAME_POLICY procedure 1
DBMS_MACADM.RENAME_REALM procedure 1
DBMS_MACADM.RENAME_ROLE procedure 1
DBMS_MACADM.RENAME_RULE_SET procedure 1
DBMS_MACADM.RENAME_RULE procedure 1
DBMS_MACADM.UNASSIGN_ROLE procedure 1
DBMS_MACADM.UNAUTHORIZE_DBCAPTURE procedure 1
DBMS_MACADM.UNAUTHORIZE_DBREPLAY procedure 1
DBMS_MACADM.UNAUTHORIZE_DDL procedure 1
DBMS_MACADM.UNAUTHORIZE_PREPROCESSOR procedure 1
DBMS_MACADM.UNAUTHORIZE_PROXY_USER procedure 1
DBMS_MACADM.UNAUTHORIZE_SCHEDULER_USER procedure 1
DBMS_MACADM.UNAUTHORIZE_TTS_USER procedure 1
DBMS_MACADM.UPDATE_COMMAND_RULE procedure 1
DBMS_MACADM.UPDATE_CONNECT_COMMAND_RULE procedure 1
DBMS_MACADM.UPDATE_FACTOR_TYPE procedure 1
DBMS_MACADM.UPDATE_FACTOR procedure 1
DBMS_MACADM.UPDATE_IDENTITY procedure 1
DBMS_MACADM.UPDATE_MAC_POLICY procedure 1
DBMS_MACADM.UPDATE_POLICY_DESCRIPTION procedure 1
DBMS_MACADM.UPDATE_POLICY_STATE procedure 1
DBMS_MACADM.UPDATE_REALM_AUTH procedure 1
DBMS_MACADM.UPDATE_REALM procedure 1
DBMS_MACADM.UPDATE_ROLE procedure 1
DBMS_MACADM.UPDATE_RULE_SET procedure 1
DBMS_MACADM.UPDATE_RULE procedure 1
DBMS_MACADM.UPDATE_SESSION_EVENT_CMD_RULE procedure 1
DBMS_MACADM.UPDATE_SYSTEM_EVENT_CMD_RULE procedure 1
DBMS_MACADM package
- about 1
- command rule procedures, listed 1
- factor procedures, listed 1
- Oracle Label Security policy procedures, listed 1
- realm procedures, listed 1
- rule set procedures, listed 1
- secure application role procedures, listed 1
DBMS_MACADM PL/SQL package contents 1
DBMS_MACSEC_ROLES.CAN_SET_ROLE function 1
DBMS_MACSEC_ROLES.SET_ROLE procedure 1
DBMS_MACSEC_ROLES package
- about 1
- functions, listed 1
DBMS_MACUTL.CHECK_DVSYS_DML_ALLOWED procedure 1
DBMS_MACUTL.GET_CODE_VALUE function 1
DBMS_MACUTL.GET_DAY function 1
DBMS_MACUTL.GET_HOUR function 1
DBMS_MACUTL.GET_MINUTE function 1
DBMS_MACUTL.GET_MONTH function 1
DBMS_MACUTL.GET_SECOND function 1
DBMS_MACUTL.GET_YEAR function 1
DBMS_MACUTL.IS_ALPHA function 1
DBMS_MACUTL.IS_DIGIT function 1
DBMS_MACUTL.IS_DVSYS_OWNER function 1
DBMS_MACUTL.IS_OLS_INSTALLED_VARCHAR function 1
DBMS_MACUTL.IS_OLS_INSTALLED function 1
DBMS_MACUTL.USER_HAS_OBJECT_PRIVILEGE function 1
DBMS_MACUTL.USER_HAS_ROLE_VARCHAR function 1
DBMS_MACUTL.USER_HAS_ROLE function 1
DBMS_MACUTL.USER_HAS_SYSTEM_PRIVILEGE function 1
DBMS_MACUTL package
- about 1
- constants (fields)
  - examples 1
  - listed 1
- procedures and functions, listed 1
DBMS_MACUTL PL/SQL package contents 1
DBSNMP schema realm protection 1
DBSNMP user account
- changing password 1
- granted DV_MONITOR role 1
deinstallation 1
deinstalling Oracle Database Vault 1
DELETE_CATALOG_ROLE role 1
deleting event command rules 1
Denial of Service (DoS) attacks
- reports
  - System Resource Limits Report 1
  - Tablespace Quotas Report 1
Direct and Indirect System Privileges By Database Account Report 1
Direct Object Privileges Report 1
direct system privileges 1
Direct System Privileges By Database Account Report 1
disabling system features with Disabled default rule set 1
domains
- defined with factors 1
- finding database domain with DVF.F$DATABASE_DOMAIN 1
- finding with DVF.F$DOMAIN 1
DROP ROLE statement
- monitoring 1
DROP USER statement
- monitoring 1
dual key connection, dual key security
- See: two-person integrity (TPI)
DV_ACCTMGR role 1
- about 1
- backup account 1
- Database Vault disabled 1
- GRANT and REVOKE operations affected by 1
- privileges associated with 1
- realm protection 1
DV_ADMIN role
- about 1
- changing password for user granted DV_ADMIN 1
- Database Vault disabled 1, 2
- GRANT and REVOKE operations affected by 1
- privileges associated with 1
DV_AUDIT_CLEANUP role
- about 1
- Database Vault disabled 1, 2, 3
- GRANT and REVOKE operations affected by 1
- privileges associated with 1
DV_DATAPUMP_NETWORK_LINK role
- about 1
- Database Vault disabled 1
- GRANT and REVOKE operations affected by 1
- privileges associated with 1
DV_GOLDENDATE_REDO role
- privileges associated with 1
DV_GOLDENDGATE_ADMIN role
- Database Vault disabled 1
DV_GOLDENGATE_ADMIN role 1
- GRANT and REVOKE operations affected by 1
- privileges associated with 1
DV_GOLDENGATE_REDO_ACCESS role 1
- Database Vault disabled 1
- GRANT and REVOKE operations affected by 1
DV_MONITOR role
- about 1
- Database Vault disabled 1
- GRANT and REVOKE operations affected by 1
- privileges associated with 1
DV_OWNER role 1
- about 1
- backup account 1
- changing password for user granted DV_OWNER 1
- Database Vault disabled 1
- GRANT and REVOKE operations affected by 1
- privileges associated with 1
DV_PATCH_ADMIN role 1
- Database Vault disabled 1
- GRANT and REVOKE operations affected by 1
- privileges associated with 1
DV_POLICY_OWNER role
- about 1
- GRANT and REVOKE operations affected by 1
- privileges associated with 1
DV_PUBLIC role 1
DV_REALM_OWNER role 1
- Database Vault disabled 1
- GRANT and REVOKE operations affected by 1
- privileges associated with 1
DV_REALM_RESOURCE role 1
- Database Vault disabled 1
- GRANT and REVOKE operations affected by 1
- privileges associated with 1
DV_SECANALYST role
- about 1
- Database Vault disabled 1
- GRANT and REVOKE operations affected by 1
- privileges associated with 1
DV_XSTREAM_ADMIN role 1
- Database Vault disabled 1
- GRANT and REVOKE operations affected by 1
- privileges associated with 1
DVF account
- auditing policy 1
- database accounts 1
DVF PL/SQL interface contents 1
DVF schema 1
- about 1
- auditing policy 1
- DBA_DV_DICTIONARY_ACCTS view 1
- PDBs 1
- protecting 1
- realm protection 1
DVSYS.DBA_DV_FACTOR_LINK view 1
DVSYS.DV$CONFIGURATION_AUDIT view 1
DVSYS.DV$ENFORCEMENT_AUDIT view 1
DVSYS.DV$REALM view 1
DVSYS.POLICY_OWNER_POLICY view 1
DVSYS.POLICY_OWNER_REALM_AUTH view 1
DVSYS.POLICY_OWNER_REALM_OBJECT view 1
DVSYS.POLICY_OWNER_REALM view 1
DVSYS.POLICY_OWNER_RULE_SET_RULE view 1
DVSYS.POLICY_OWNER_RULE_SET view 1
DVSYS.POLICY_OWNER_RULE view 1
DVSYS account 1
DVSYS schema
- about 1
- auditing policy 1
- CDBs 1
- DBA_DV_DICTIONARY_ACCTS view 1
- DV_OWNER role 1
- DV_POLICY_OWNER role 1
- PDBs 1, 2
- protecting 1
- realm protection 1

E

email alert in rule set 1
ENABLE_APP_PROTECTION procedure 1
enabling system features with Enabled default rule set 1
encrypted information 1
enterprise identities, Enterprise_Identity default factor 1
Enterprise Manager
- See: Oracle Enterprise Manager
enterprise user security
- configuring Database Vault accounts for 1
errors
- factor error options 1
event handler
- rule sets 1
example 1
examples 1
- See also: tutorials
- DBMS_MACUTL constants 1
- realms 1
- separation of duty matrix 1
- trace files 1, 2, 3
EXECUTE_CATALOG_ROLE role 1
- impact of Oracle Database Vault installation 1
Execute Privileges to Strong SYS Packages Report 1
EXEMPT ACCESS POLICY system privilege 1
exporting data
- See: Oracle Data Pump
external network services, fine-grained access to
- example using email alert 1

F

Factor Audit Report 1
Factor Configuration Issues Report 1
factors 1
- See also: rule sets
- about 1
- assignment 1
  - disabled rule set 1
  - incomplete rule set 1
  - validate 1
- assignment operation 1
- audit events, custom 1
- audit options 1
- child factors
  - about 1
  - Factor Configuration Issues Report 1
  - mapping 1
- creating 1
- creating names 1
- data dictionary views 1
- DBA_DV_FACTOR view 1
- DBA_DV_SIMULATION_LOG view 1
- DBMS_MACUTL constants, example of 1
- default factors 1
- deleting 1
- domain, finding with DVF.F$DOMAIN 1
- error options 1
- evaluate 1
- evaluation operation 1
- factor-identity pair mapping 1
- factor type
  - about 1
  - selecting 1
- functionality 1
- functions
  - DBMS_MACUTL (utility) 1
  - DBMS_MACUTL constants (fields) 1
- guidelines 1
- identifying using child factors 1
- identities
  - about 1, 2
  - adding to factor 1
  - assigning 1
  - configuring 1
  - creating 1
  - database session 1
  - data dictionary views 1
  - deleting 1
  - enterprise-wide users 1
  - how factor identities work 1
  - labels 1
  - mapping, about 1
  - mapping, identified 1
  - mapping, procedure 1
  - mapping, tutorial 1
  - Oracle Label Security labels 1
  - reports 1
  - resolving 1
  - retrieval methods 1
  - setting dynamically 1
  - trust levels 1, 2
  - with Oracle Label Security 1
- initialization, command rules 1
- invalid audit options 1
- label 1
- naming conventions 1
- Oracle Virtual Private Database, attaching factors to 1
- parent factors 1
- performance effect 1
- procedures
  - DBMS_MACADM (configuration) 1
- process flow 1
- reports 1
- retrieving 1
- retrieving with GET_FACTOR 1
- rule sets
  - selecting 1
- setting 1
- setting with SET_FACTOR 1
- troubleshooting
  - auditing report 1
  - configuration problems 1
  - tips 1
- type (category of factor) 1
- validating 1
- values (identities) 1
- views
  - DBA_DV_FACTOR_LINK 1
  - DBA_DV_FACTOR_TYPE 1
  - DBA_DV_IDENTITY 1
  - DBA_DV_IDENTITY_MAP 1
  - DBA_DV_MAC_POLICY_FACTOR 1
- ways to assign 1
Factor Without Identities Report 1
FLASHBACK TABLE SQL statement 1
functions
- command rules
  - DBMS_MACUTL (utility) 1
- DVSYS schema enabling 1
- factors
  - DBMS_MACUTL (utility) 1
- Oracle Label Security policy
  - DBMS_MACADM (configuration) 1
- realms
  - DBMS_MACUTL (utility) 1
- rule sets
  - DBMS_MACADM (configuration) 1
  - DBMS_MACUTL (utility) 1
  - PL/SQL functions for inspecting SQL 1
- secure application roles
  - DBMS_MACADM (configuration) 1
  - DBMS_MACSEC_ROLES (configuration) 1
  - DBMS_MACUTL (utility) 1

G

general security reports 1
GRANT statement
- monitoring 1
guidelines
- ALTER SESSION privilege 1
- ALTER SYSTEM privilege 1
- backup DV_OWNER and DV_ACCTMGR accounts 1
- command rules 1
- CREATE ANY JOB privilege 1
- CREATE EXTERNAL JOB privilege 1
- CREATE JOB privilege 1
- DBMS_FILE_TRANSFER package 1
- factors 1
- general security 1
- LogMiner packages 1
- managing DV_OWNER and DV_ACCTMGR accounts 1
- operating system access 1
- Oracle software owner 1
- performance effect 1
- realms 1
- root access 1
- root user access 1
- rule sets 1
- secure application roles 1
- SYSDBA access 1
- SYSDBA privilege, limiting 1
- SYSOPER access 1
- SYSTEM schema and application tables 1
- SYSTEM user account 1
- trusted accounts and roles 1
- using Database Vault in a production environment 1
- UTL_FILE package 1

H

hackers
- See: security attacks
Hierarchical System Privileges by Database Account Report 1
host names
- finding with DVF.F$DATABASE_HOSTNAME 1

I

identities
- See: factors, identities
Identity Configuration Issues Report 1
IDLE_TIME resource profile 1
IMP_FULL_DATABASE role
- impact of Oracle Database Vault installation 1
importing data
- See: Oracle Data Pump
incomplete rule set 1
- role enablement 1
Information Lifecycle Management 1
- authorizations, about 1
- granting users authorization for 1
- revoking authorization from users 1
initialization parameters
- Allow System Parameters default rule set 1
- modified after installation 1
- modified by Oracle Database Vault 1
- reports 1
insider threats
- See: intruders
installations
- Database Vault and Label Security in a multitenant environment 1
- security considerations 1
intruders
- See: security attacks
- compromising privileged accounts 1
IP addresses
- Client_IP default factor 1
- defined with factors 1

J

Java Policy Grants Report 1
jobs, scheduling
- See: Oracle Scheduler

L

labels 1
- See also: Oracle Label Security
- about 1
Label Security Integration Audit Report 1
languages
- adding to Oracle Database Vault 1
- finding with DVF.F$LANG 1
- finding with DVF.F$LANGUAGE 1
- name
  - Lang default factor 1
  - Language default factor 1
LBACSYS account 1
- See also: Oracle Label Security
- about 1
- auditing policy 1
LBACSYS schema
- auditing policy 1
- realm protection 1
locked out accounts, solution for 1
log files
- Database Vault log files 1
logging on
- reports, Core Database Audit Report 1
LogMiner packages
- guidelines 1

M

managing user accounts and profiles
- Can Maintain Accounts/Profiles default rule set 1
managing user accounts and profiles on own account, Can Maintain Own Accounts default rule set 1
mandatory realms
- about 1
mapping identities 1
MDDATA schema realm protection 1
MDSYS schema realm protection 1
modules
- function to return information about 1
monitoring
- activities 1
multitenant container databases
- See: CDBs
My Oracle Support
- about 1

N

naming conventions
- factors 1
- realms 1
- rules 1
- rule sets 1
network protocol
- finding with DVF.F$NETWORK_PROTOCOL 1
network protocol, Network_Protocol default factor 1
new factors added to realm 1
new objects added to realm 1
new realms introduced to existing realms 1
NOAUDIT statement
- monitoring 1
Non-Owner Object Trigger Report 1
nonsystem database accounts 1

O

Object Access By PUBLIC Report 1
Object Access Not By PUBLIC Report 1
Object Dependencies Report 1
object owners
- nonexistent 1
- reports
  - Command Rule Configuration Issues Report 1
object privilege reports 1
objects 1
- See also: database objects
- command rule objects
  - name 1
  - owner 1
  - processing 1
- dynamic SQL use 1
- mandatory realms 1
- monitoring 1
- object names
  - finding with DV_DICT_OBJ_NAME 1
- object owners
  - finding with DV_DICT_OBJ_OWNER 1
- realms
  - object name 1
  - object owner 1
  - object type 1
  - procedures for registering 1
- reports
  - Access to Sensitive Objects Report 1
  - Accounts with SYSDBA/SYSOPER Privilege Report 1
  - Direct Object Privileges Report 1
  - Execute Privileges to Strong SYS Packages Report 1
  - Non-Owner Object Trigger Report 1
  - Object Access By PUBLIC Report 1
  - Object Access Not By PUBLIC Report 1
  - Object Dependencies Report 1
  - Objects Dependent on Dynamic SQL Report 1
  - OS Directory Objects Report 1
  - privilege 1
  - Public Execute Privilege To SYS PL/SQL Procedures Report 1
  - sensitive 1
  - System Privileges By Privilege Report 1
- restricting user access to using mandatory realms 1
- types
  - finding with DV_DICT_OBJ_TYPE 1
- views, DBA_DV_REALM_OBJECT 1
Objects Dependent on Dynamic SQL Report 1
objects removed from realm 1
object types
- supported for Database Vault realm protection 1
OEM
- See: Oracle Enterprise Manager (OEM)
OEM_MONITOR schema realm protection 1
OLS
- See: Oracle Label Security
operating system access
- guideline for using with Database Vault 1
operating systems
- reports
  - OS Directory Objects Report 1
  - OS Security Vulnerability Privileges Report 1
- vulnerabilities 1
ORA-00942 error 1
ORA-01301 error 1
ORA-06512 error 1, 2
ORA-24247 error 1
ORA-47305 error 1
ORA-47400 error 1, 2
ORA-47401 error 1, 2
ORA-47408 error 1
ORA-47409 error 1
ORA-47500 error 1
ORA-47503 error 1, 2
ORA-47920 error 1
Oracle Database Replay
- authorizations, about 1
- Database Vault authorization
  - granting for workload captures 1
  - granting for workload replays 1
  - revoking for workload captures 1
  - revoking for workload replays 1
- granting users authorization for workload capture operations 1
- granting users authorization for workload replay operations 1
- revoking workload capture authorization from users 1
- revoking workload replay authorization from users 1
Oracle Database Vault
- about 1
- components 1, 2
- deinstalling 1
- disabling
  - procedures for 1
  - reasons for 1
- enabling
  - procedures for 1
- integrating with other Oracle products 1
- Oracle Database installation, affect on 1
- post-installation procedures 1
- privileges to use 1
- registering
  - using DBCA 1
- reinstalling 1
- roles
  - privileges of 1
Oracle Database Vault Administrator (DVA)
- logging on from Oracle Enterprise Manager Cloud Control 1
Oracle Database Vault Administrator pages 1
Oracle Database Vault operations control
- about 1
Oracle Database Vault policies
- about 1
- creating 1
- data dictionary views 1
- default 1
- deleting 1
- in multitenant environment 1
- modifying 1
Oracle Database Vault realm 1
Oracle Database Vault registration
- about 1
- common users to manage specific PDBs 1
- common user to manage CDB root 1
- local users to manage specific PDBs 1
- non-multitenant environment 1
- plugging in a Database Vault-enabled database 1
- verifying configuration and enablement 1
Oracle Data Guard
- integrating Database Vault with 1
Oracle Data Pump
- archiving the Oracle Database Vault audit trail with 1
- authorizing transportable tablespace operations for Database Vault 1
- DBA_DV_DATAPUMP_AUTH view 1
- DBA_DV_TTS_AUTH view 1
- DBMS_MACADM.AUTHORIZE_TTS_USER 1
- DBMS_MACADM.UNAUTHORIZE_TTS_USER 1
- granting authorization to use with Database Vault 1
- guidelines before performing an export or import 1
- levels of authorization required
  - Oracle Data Pump only 1
  - transportable tablespaces 1
- MACADM procedure for authorization 1
- realm protection 1
- revoking standard authorization 1
- revoking transportable tablespace authorization 1
- using with Oracle Database Vault 1
Oracle Default Component Protection Realm 1
Oracle Default Schema Protection Realm 1
Oracle Enterprise Manager
- DBSNMP account
  - changing password 1
  - granted DV_MONITOR role 1
- using Oracle Database Vault with 1
Oracle Enterprise Manager Cloud Control
- monitoring Database Vault for attempted violations 1
- propagating Database Vault configurations to other databases 1
- starting Oracle Database Vault from 1
Oracle Enterprise Manager realm 1
Oracle Enterprise User Security, integrating with Oracle Database Vault 1
Oracle Flashback Technology 1, 2
Oracle GoldenGate
- Database Vault role used for
  - DV_GOLDENGATE_ADMIN 1
  - DV_GOLDENGATE_REDO_ACCESS 1
- in an Oracle Database Vault environment 1
Oracle Internet Directory, registering with DBCA 1
Oracle Internet Directory Distinguished Name, Proxy_Enterprise_Identity default factor 1
Oracle Label Security
- using OLS_LABEL_DOMINATES function in rule expressions 1
Oracle Label Security (OLS) 1
- See also: LBACSYS account
- audit events, custom 1
- checking if installed using DBMS_MACUTL functions 1
- data dictionary views 1
- functions
  - DBMS_MACUTL (utility) 1
- how Database Vault integrates with 1
- initialization, command rules 1
- integration with Oracle Database Vault
  - example 1
  - Label Security Integration Audit Report 1
  - procedure 1
  - requirements 1
- labels
  - about 1
  - determining with GET_FACTOR_LABEL 1
  - invalid label identities 1
- policies
  - accounts that bypass 1
  - monitoring policy changes 1
  - nonexistent 1
- procedures
  - DBMS_MACADM (configuration) 1
- reports 1
- views
  - DBA_DV_MAC_POLICY 1
  - DBA_DV_MAC_POLICY_FACTOR 1
  - DBA_DV_POLICY_LABEL 1
Oracle MetaLink
- See: My Oracle Support
Oracle OLAP realm protection 1
Oracle Real Application Clusters
- configuring Database Vault on RAC nodes 1
- deinstalling Oracle Database Vault from 1
- multiple factor identities 1
Oracle Recovery Manager (RMAN)
- in an Oracle Database Vault environment 1
Oracle Scheduler
- DBA_DV_JOB_AUTH view 1
- granting Oracle Database Vault authorization 1
- realm protection 1
- revoking Oracle Database Vault authorization 1
- SCHEDULER_ADMIN role, impact of Oracle Database Vault installation 1
- using with Oracle Database Vault 1
Oracle software owner, guidelines on managing 1
Oracle Spatial realm protection 1
Oracle System Privilege and Role Management Realm 1
Oracle Text realm protection 1
Oracle Virtual Private Database (VPD)
- accounts that bypass 1
- factors, attaching to 1
- GRANT EXECUTE privileges with Grant VPD Administration default rule set 1
- using Database Vault factors with Oracle Label Security 1
ORADEBUG utility
- about 1
- DBA_DV_ORADEBUG view 1
- PL/SQL procedure for disabling in Database Vault 1
- PL/SQL procedure for enabling in Database Vault 1
- using with Database Vault 1
OS_ROLES initialization parameter 1
OS Directory Objects Report 1
OS Security Vulnerability Privileges Report 1
OUTlN schema realm protection 1

P

parameters
- modified after installation 1
- reports
  - Security Related Database Parameters Report 1
parent factors
- See: factors
Password History Access Report 1
passwords
- forgotten, solution for 1
- reports 1
  - Database Account Default Password Report 1
  - Password History Access Report 1
  - Username/Password Tables Report 1
- resetting for DV_ACCTMGR user 1
- resetting for DV_OWNER user 1
patches
- auditing DV_PATCH_ADMIN user 1
- DBMS_MACADM.DISABLE_DV_PATCH_ADMIN_AUDIT procedure 1
- DBMS_MACADM.ENSABLE_DV_PATCH_ADMIN_AUDIT procedure 1
- DV_PATCH_ADMIN requirement for 1
- security consideration 1
- two-person integrity used for 1
PDBs
- command rules in 1
- disabling tracing
  - all database sessions 1
  - current database session 1
- DVF schema 1
- DVSYS schema 1, 2
- enabling tracing
  - all database sessions 1
  - current database session 1
- plugging Database Vault-enabled PDB to CDB 1
performance effect
- command rules 1
- realms 1
- reports
  - Resource Profiles Report 1
  - System Resource Limits Report 1
- rule sets 1
- secure application roles 1
- static evaluation for rule sets 1
performance tools
- Automatic Workload Repository (AWR)
  - command rules 1
  - factors 1
  - Oracle Enterprise Manager
    - performance tools 1
  - performance tools
    - Cloud Control, realms 1
    - Oracle Enterprise Manager
      - realms 1
  - realms 1
  - rule sets 1
  - secure application roles 1
- Oracle Enterprise Manager
  - command rules 1
  - factors 1
  - performance tools
    - Oracle Enterprise Manager Cloud Control
      - command rules 1
  - rule sets 1
  - secure application roles 1
- Oracle Enterprise Manager Cloud Control
  - factors 1
  - rule sets 1
  - secure application roles 1
- TKPROF utility
  - command rules 1
  - factors 1
  - realms 1
  - rule sets 1
  - secure application roles 1
PL/SQL
- packages
  - unwrapped bodies 1
  - Unwrapped PL/SQL Package Bodies Report 1
PL/SQL factor functions 1
pluggable databases
- See: PDBs
policies
- See: Oracle Database Vault policies
POLICY_OWNER_COMMAND_RULE view 1
policy changes, monitoring 1
post-installation procedures 1
preprocessor programs
- about executing in Database Vault environment 1
- authorizing users in Database Vault environment 1
- Database Vault authorization
  - granting 1
  - revoking 1
- revoking authorization from Database Vault users 1
privileges
- checking with DBMS_MACUTL.USER_HAS_OBJECT_PRIVILEGE function 1
- existing users and roles, Database Vault affect on 1
- least privilege principle
  - violations to 1
- monitoring
  - GRANT statement 1
  - REVOKE statement 1
- Oracle Database Vault restricting 1
- prevented from existing users and roles 1
- reports
  - Accounts With DBA Roles Report 1
  - ALTER SYSTEM or ALTER SESSION Report 1
  - ANY System Privileges for Database Accounts Report 1
  - AUDIT Privileges Report 1
  - Database Accounts With Catalog Roles Report 1
  - Direct and Indirect System Privileges By Database Account Report 1
  - Direct System Privileges By Database Account Report 1
  - Hierarchical System Privileges By Database Account Report 1
  - listed 1
  - OS Directory Objects Report 1
  - Privileges Distribution By Grantee, Owner, Privilege Report 1
  - Privileges Distribution By Grantee, Owner Report 1
  - Privileges Distribution By Grantee Report 1
  - WITH GRANT Privileges Report 1
- restricting access using mandatory realms 1
- roles
  - checking with DBMS_MACUTL.USER_HAS_ROLE_VARCHAR function 1
- system
  - checking with DBMS_MACUTL.USER_HAS_SYSTEM_PRIVILEGE function 1
- views
  - DBA_DV_PUB_PRIVS 1
  - DBA_DV_USER_PRIVS 1
  - DBA_DV_USER_PRIVS_ALL 1
Privileges Distribution By Grantee, Owner, Privilege Report 1
Privileges Distribution By Grantee, Owner Report 1
Privileges Distribution By Grantee Report 1
privileges using external password 1
problems, diagnosing 1
procedures
- command rules
  - .DBMS_MACADM (configuration) 1
- factors
  - DBMS_MACADM (configuration) 1
- realms
  - DBMS_MACADM (configuration) 1
production environments
- guidelines for securing 1
profiles 1
proxy user authorization
- Database Vault authorization
  - DBA_DV_PROXY_AUTH view 1
  - granting 1
  - revoking 1
proxy users
- function to return name of 1
PUBLIC access to realms 1
Public Execute Privilege To SYS PL/SQL Procedures Report 1
PUBLIC user account
- impact of Oracle Database Vault installation 1

Q

quotas
- tablespace 1

R

Realm Audit Report 1
Realm Authorization Configuration Issues Report 1
realm authorizations:multitenant environment 1
realms 1
- See also: rule sets
- about 1
- adding roles to as grantees 1
- audit events, custom 1
- authentication-related procedures 1
- authorization
  - enabling access to realm-protected objects 1
  - how realm authorizations work 1
  - process flow 1
  - troubleshooting 1
- authorizations
  - grantee 1
  - rule set 1
- authorizations in multitenant environment 1
- creating 1
- creating names 1
- Database Vault Account Management realm 1
- data dictionary views 1
- data masking 1
- DBMS_MACUTL constants, example of 1
- default realms
  - listed 1
- deleting 1
- disabling 1
- DV_REALM_OWNER role 1
- DV_REALM_RESOURCE role 1
- effect on other Oracle Database Vault components 1
- enabling 1
- enabling access to realm-protected objects 1
- example 1
- functions
  - DBMS_MACUTL (utility) 1
  - DBMS_MACUTL constants (fields) 1
- guidelines 1
- how realms work 1
- mandatory realms 1
- multitenant environment
  - about 1
- naming conventions 1
- object-related procedures 1
- object types, supported 1
- Oracle Database Vault realm 1
- Oracle Default Component Protection Realm 1
- Oracle Default Schema Protection Realm 1
- Oracle Enterprise Manager realm 1
- Oracle System Privilege and Role Management Realm 1
- performance effect 1
- procedures
  - DBMS_MACADM (configuration) 1
- process flow 1
- propagating configuration to other databases 1
- protection after object is dropped 1
- PUBLIC access 1
- realm authorizations
  - about 1
- realm secured objects
  - object name 1
  - object owner 1
  - object type 1
- realm-secured objects 1
- reports 1
- roles
  - DV_REALM_OWNER 1
  - DV_REALM_RESOURCE 1
- secured object 1
- simulation mode 1
- territory a realm protects 1
- troubleshooting 1, 2
- tutorial 1
- views
  - DBA_DV_CODE 1
  - DBA_DV_MAINTENANCE_AUTH 1
  - DBA_DV_POLICY 1
  - DBA_DV_POLICY_OBJECT 1
  - DBA_DV_POLICY_OWNER 1
  - DBA_DV_REALM 1
  - DBA_DV_REALM_OBJECT 1
  - DBS_DV_REALM_AUTH 1
  - DVSYS.POLICY_OWNER_COMMAND_RULE 1
  - DVSYS.POLICY_OWNER_POLICY 1
  - DVSYS.POLICY_OWNER_REALM 1
  - DVSYS.POLICY_OWNER_REALM_AUTH 1
  - DVSYS.POLICY_OWNER_REALM_OBJECT 1
  - DVSYS.POLICY_OWNER_RULE 1
  - DVSYS.POLICY_OWNER_RULE_SET 1
  - DVSYS.POLICY_OWNER_RULE_SET_RULE 1
realms all in simulation mode 1
recovering lost password 1, 2
RECOVERY_CATALOG_OWNER role 1
RECYCLEBIN initialization parameter
- default setting in Oracle Database Vault 1
registering Oracle Database Vault 1
registration
- multitenant, about 1
reinstalling Oracle Database Vault 1
REMOTE_LOGIN_PASSWORDFILE initialization parameter 1
reports
- about 1
- Access to Sensitive Objects Report 1
- Accounts With DBA Roles Report 1
- Accounts with SYSDBA/SYSOPER Privilege Report 1
- ALTER SYSTEM or ALTER SESSION Report 1
- ANY System Privileges for Database Accounts Report 1
- auditing 1
- AUDIT Privileges Report 1
- BECOME USER Report 1
- categories of 1
- Command Rule Audit Report 1
- Command Rule Configuration Issues Report 1
- Core Database Audit Report 1
- Core Database Vault Audit Trail Report 1
- Database Account Default Password Report 1
- Database Account Status Report 1
- Database Accounts With Catalog Roles Report 1
- Direct and Indirect System Privileges By Database Account Report 1
- Direct Object Privileges Report 1
- Direct System Privileges By Database Account Report 1
- Enterprise Manager Cloud Control 1
- Execute Privileges to Strong SYS Packages Report 1
- Factor Audit Report 1
- Factor Configuration Issues Report 1
- Factor Without Identities 1
- general security 1
- Hierarchical System Privileges by Database Account Report 1
- Identity Configuration Issues Report 1
- Java Policy Grants Report 1
- Label Security Integration Audit Report 1
- Non-Owner Object Trigger Report 1
- Object Access By PUBLIC Report 1
- Object Access Not By PUBLIC Report 1
- Object Dependencies Report 1
- Objects Dependent on Dynamic SQL Report 1
- OS Directory Objects Report 1
- OS Security Vulnerability Privileges 1
- Password History Access Report 1
- permissions for running 1
- privilege management 1
- Privileges Distribution By Grantee, Owner, Privilege Report 1
- Privileges Distribution By Grantee, Owner Report 1
- Privileges Distribution By Grantee Report 1
- Public Execute Privilege To SYS PL/SQL Procedures Report 1
- Realm Audit Report 1
- Realm Authorization Configuration Issues Report 1
- Resource Profiles Report 1
- Roles/Accounts That Have a Given Role Report 1
- Rule Set Configuration Issues Report 1
- running 1
- Secure Application Configuration Issues Report 1
- Secure Application Role Audit Report 1
- Security Policy Exemption Report 1
- Security Related Database Parameters 1
- security vulnerability 1
- System Privileges By Privilege Report 1
- System Resource Limits Report 1
- Tablespace Quotas Report 1
- Unwrapped PL/SQL Package Bodies Report 1
- Username /Password Tables Report 1
- WITH ADMIN Privileges Grants Report 1
- WITH GRANT Privileges Report 1
Resource Profiles Report 1
resources
- reports
  - Resource Profiles Report 1
  - System Resource Limits Report 1
REVOKE statement
- monitoring 1
roles 1
- See also: secure application roles
- adding to realms as grantees 1
- catalog-based 1
- Database Vault default roles 1
- privileges, checking with DBMS_MACUTL.USER_HAS_ROLE_VARCHAR function 1
- role-based system privileges 1
- role enablement in incomplete rule set 1
Roles/Accounts That Have a Given Role Report 1
root access
- guideline for using with Database Vault 1
- guidelines on managing 1
rules 1
- See also: rule sets
- about 1
- creating 1
- creating names 1
- data dictionary views 1
- default 1
- deleting 1
- deleting from rule set 1
- existing rules, adding to rule set 1
- naming conventions 1
- nested within a rule set 1
- removing from rule set 1
- reports 1
- troubleshooting 1
- views
  - DBA_DV_RULE 1
  - DBA_DV_RULE_SET_RULE 1
Rule Set Configuration Issues Report 1
rule sets 1
- See also: command rules, factors, realms, rules, secure application roles
- about 1
- adding existing rules 1
- auditing
  - intruders
    - using rule sets 1
- audit options 1
- command rules
  - disabled 1
  - selecting for 1
  - used with 1
- creating 1
  - rules in 1
- creating names 1
- data dictionary views 1
- DBMS_MACUTL constants, example of 1
- default rules 1
- default rule sets 1
- deleting 1
  - rules from 1
- disabled for
  - factor assignment 1
  - realm authorization 1
- evaluation of rules 1
- event handlers 1
- events firing, finding with DV_SYSEVENT 1
- factors, selecting for 1
- fail code 1
- fail message 1
- functions
  - DBMS_MACADM (configuration) 1
  - DBMS_MACUTL (utility) 1
  - DBMS_MACUTL constants (fields) 1
  - PL/SQL functions for rule sets 1
- guidelines 1
- how rule sets work 1
- incomplete 1
- multitenant environment
  - about 1
- naming conventions 1
- nested rules 1
- performance effect 1
- procedures
  - DBMS_MACADM (configuration) 1
- process flow 1
- propagating configuration to other databases 1
- removing references to objects 1
- reports 1
- rule sets
  - evaluation options 1
- rules that exclude one user 1
- security attacks
  - tracking
    - with rule set auditing 1
- static evaluation 1
- troubleshooting 1, 2
- views
  - DBA_DV_RULE 1
  - DBA_DV_RULE_SET 1
  - DBA_DV_RULE_SET_RULE 1
rules sets
- audit event, custom 1

S

SCHEDULER_ADMIN role
- impact of Oracle Database Vault installation 1
scheduling database jobs
- CREATE EXTERNAL JOB privilege security consideration 1
scheduling jobs
- See: Oracle Scheduler
schemas
- DVF 1
- DVSYS 1
Secure Application Configuration Issues Report 1
secure application role 1
Secure Application Role Audit Report 1
secure application roles 1
- See also: roles, rule sets
- audit event, custom 1
- creating 1
- data dictionary view 1
- DBMS_MACSEC_ROLES.SET_ROLE function 1
- deleting 1
- functionality 1
- functions
  - DBMS_MACADM (configuration) 1
  - DBMS_MACSEC_ROLES (configuration) 1
  - DBMS_MACSEC_ROLES package 1
  - DBMS_MACUTL (utility) 1
  - DBMS_MACUTL constants (fields) 1
- guidelines on managing 1
- modifying 1
- performance effect 1
- procedure
  - DBMS_MACADM (configuration) 1
- procedures and functions
  - DBMS_MACUTL (utility) 1
- propagating configuration to other databases 1
- reports 1
  - Rule Set Configuration Issues Report 1
- troubleshooting 1
- troubleshooting with auditing report 1
- tutorial 1
- views
  - DBA_DV_ROLE 1
security attacks
- Denial of Service (DoS) attacks
  - finding system resource limits 1
- Denial of Service attacks
  - finding tablespace quotas 1
- eliminating audit trail 1
- monitoring security violations 1
- Oracle Database Vault addressing compromised privileged user accounts 1
- reports
  - AUDIT Privileges Report 1
  - Objects Dependent on Dynamic SQL Report 1
  - Privileges Distribution By Grantee, Owner Report 1
  - Unwrapped PL/SQL Package Bodies Report 1
- SQL injection attacks 1
- tracking
  - with factor auditing 1
security policies, Oracle Database Vault addressing 1
Security Policy Exemption Report 1
Security Related Database Parameters Report 1
security violations
- monitoring attempts 1
security vulnerabilities
- how Database Vault addresses 1
- operating systems 1
- reports 1
  - Security Related Database Parameters Report 1
- root operating system directory 1
SELECT_CATALOG_ROLE role 1
sensitive objects reports 1
separation of duty concept
- about 1
- command rules 1
- database accounts 1
- database accounts, suggested 1
- database roles 1
- Database Vault Account Manager role 1
- documenting tasks 1
- example matrix 1
- how Oracle Database Vault addresses 1
- realms 1
- restricting privileges 1
- roles 1
- tasks in Oracle Database Vault environment 1
session event command rule
- updating 1
session event command rules
- creating for events 1
- deleting 1
sessions
- audit events, custom 1
- DBMS_MACUTL fields 1
- finding session user with DVF.F$SESSION_USER 1
- restricting data based on 1
- retrieving information with functions 1
simulation mode
- about 1
- use cases 1
simulation mode, realms
- considerations 1
- use cases
  - adding authorized users to a realm 1
  - adding new objects to a realm 1
  - all in simulation mode 1
  - new realms introduced to existing realms 1
  - removing authorized users from a realm 1
  - removing objects from a realm 1
  - testing new changes to an existing command rule 1
  - testing new factors with realms 1
simulation mode realm use cases and guidelines 1, 2, 3, 4, 5, 6, 7, 8, 9
SQL92_SECURITY initialization parameter 1
SQL injection attacks, detecting with Object Dependent on Dynamic SQL Report 1
SQL statements
- default command rules that protect 1
SQL statements protected by 1
SQL text, finding with DV_SQL_TEXT 1
subfactors
- See: child factors under factors topic
SYSDBA access
- guidelines on managing 1
SYSDBA privilege
- limiting, importance of 1
SYSOPER access
- guidelines on managing 1
system event command rule
- updating 1
system event command rules
- creating 1
- deleting 1
system features
- disabling with Disabled rule set 1
- enabling with Enabled rule set 1
system privileges
- checking with DBMS_MACUTL.USER_HAS_SYSTEM_PRIVILEGE function 1
- reports
  - System Privileges By Privileges Report 1
System Privileges By Privilege Report 1
System Resource Limits Report 1
system root access, guideline on managing 1
SYSTEM schema
- application tables in 1
- realm protection 1
SYSTEM user account
- guidelines for using with Database Vault 1
SYS user account
- adding to realm authorization 1

T

tablespace quotas 1
Tablespace Quotas Report 1
time data
- DBMS_MACUTL functions 1
trace files
- about 1
trace files, Oracle Database Vault
- about 1
- activities that can be traced 1
- ADRCI utility 1
- directory location for trace files 1
- disabling for all sessions 1
- disabling for current session 1
- enabling for all sessions 1
- enabling for current session 1
- examples
  - highest level on realm violations 1
  - high level authorization 1
  - low level realm violations 1
- finding trace file directory 1
- levels of trace events 1
- performance effect 1
- querying
  - ADRCI utility 1
  - Linux grep command 1
traisimulationning mode
- tutorial 1
Transparent Data Encryption, used with Oracle Database Vault 1
transportable tablespaces
- authorizing for Oracle Data Pump operations in Database Vault 1
- DBA_DV_TTS_AUTH view 1
- DBMS_MACADM.AUTHORIZE_TTS_USER procedure 1
- DBMS_MACADM.UNAUTHORIZE_TTS_USER procedure 1
triggers
- different from object owner account 1
- reports, Non-Owner Object Trigger Report 1
troubleshooting
- access security sessions 1
- auditing reports, using 1
- factors 1
- general diagnostic tips 1
- locked out accounts 1
- passwords, forgotten 1
- realms 1
- rules 1
- rule sets 1
- secure application roles 1
trusted users
- accounts and roles that should be limited 1
- default for Oracle Database Vault 1
trust levels
- about 1
- determining for identities with GET_TRUST_LEVEL_FOR_IDENTITY 1
- determining with GET_TRUST_LEVEL 1
- factor identity 1
- factors 1
- for factor and identity requested 1
- identities 1
- of current session identity 1
tutorials 1
- See also: examples
- access, granting with secure application roles 1
- ad hoc tool access, preventing 1
- configuring two-person integrity (TPI) 1
- Database Vault factors with Virtual Private Database and Oracle Label Security 1
- email alert in rule set 1
- factors, mapping identities 1
- Oracle Label Security integration with Oracle Database Vault 1
- restricting access based on session data 1
- restricting user activities with command rules 1
- schema, protecting with a realm 1
- simulation mode 1
two-man rule security
- See: two-person integrity (TPI)
two-person integrity (TPI)
- about 1
- configuring with a rule set 1

U

UNAUTHORIZE_MAINTENANCE_USER procedure 1
unified audit trail
- how it works with Database Vault 1
- protecting with a realm 1
Unwrapped PL/SQL Package Bodies Report 1
USER_HISTORY$ table 1
user authorization
- Database Vault authorization for ILM
  - granting 1
  - revoking 1
- Database Vault authorization for Information Lifecycle Management
  - granting 1
  - revoking 1
Username/Password Tables Report 1
user names
- reports, Username/Password Tables Report 1
users
- enterprise identities, finding with DVF.F$PROXY_ENTERPRISE_IDENTITY 1
- enterprise-wide identities, finding with DVF.F$ENTERPRISE_IDENTITY 1
- finding session user with DVF.F$SESSION_USER 1
- login user name, finding with DV_LOGIN_USER 1
- restricting access by factor identity 1
utility functions
- See: .DBMS_MACUTL package
UTL_FILE object 1
UTL_FILE package, guidelines on managing 1

V

views 1
- See also: names beginning with DVSYS.DBA_DV
- AUDSYS.DV$CONFIGURATION_AUDIT 1
- AUDSYS.DV$ENFORCEMENT_AUDIT 1
- CDB_DV_STATUS 1
- DBA_DV_APP_EXCEPTION 1
- DBA_DV_CODE 1
- DBA_DV_COMMAND_RULE 1
- DBA_DV_DATAPUMP_AUTH 1
- DBA_DV_DBCAPTURE_AUTH 1
- DBA_DV_DBREPLAY_AUTH 1
- DBA_DV_DDL_AUTH 1
- DBA_DV_DICTIONARY_ACCTS 1
- DBA_DV_FACTOR 1
- DBA_DV_FACTOR_TYPE 1
- DBA_DV_IDENTITY 1
- DBA_DV_IDENTITY_MAP 1
- DBA_DV_JOB_AUTH 1
- DBA_DV_MAINTENANCE_AUTH 1
- DBA_DV_ORADEBUG 1
- DBA_DV_PATCH_ADMIN_AUDIT 1
- DBA_DV_POLICY 1
- DBA_DV_POLICY_LABEL 1
- DBA_DV_POLICY_OBJECT 1
- DBA_DV_POLICY_OWNER 1
- DBA_DV_PREPROCESSOR_AUTH 1
- DBA_DV_PROXY_AUTH 1
- DBA_DV_PUB_PRIVS 1
- DBA_DV_REALM 1
- DBA_DV_REALM_AUTH 1
- DBA_DV_REALM_OBJECT 1
- DBA_DV_ROLE 1
- DBA_DV_RULE_SET 1
- DBA_DV_RULE_SET_RULE 1
- DBA_DV_SIMULATION_LOG 1
- DBA_DV_STATUS 1
- DBA_DV_TTS_AUTH 1
- DBA_DV_USER_PRIVS 1
- DBA_DV_USER_PRIVS_ALL 1
- DVSYS.DV$CONFIGURATION_AUDIT 1
- DVSYS.DV$ENFORCEMENT_AUDIT 1
- DVSYS.DV$REALM 1
- DVSYS.POLICY_OWNER_COMMAND_RULE 1
- DVSYS.POLICY_OWNER_POLICY 1
- DVSYS.POLICY_OWNER_REALM 1
- DVSYS.POLICY_OWNER_REALM_AUTH 1
- DVSYS.POLICY_OWNER_REALM_OBJECT 1
- DVSYS.POLICY_OWNER_RULE 1
- DVSYS.POLICY_OWNER_RULE_SET 1
- DVSYS.POLICY_OWNER_RULE_SET_RULE 1
VPD
- See: Oracle Virtual Private Database (VPD)

W

WITH ADMIN Privileges Grants Report 1
WITH ADMIN status 1, 2
WITH GRANT clause 1
WITH GRANT Privileges Report 1

X

XStream
- Database Vault role used for 1
- in an Oracle Database Vault environment 1