Database Concurrency Control: Two-Phase Locking (2PL) Questions Multiple Choice Questions

(30) What is the primary purpose of Two-Phase Locking (2PL)? a) To ensure transactions
execute as quickly as possible b) To guarantee conflict serializability c) To eliminate all database
locks d) To allow unlimited concurrency Answer: b) To guarantee conflict serializability

Which phase in 2PL allows a transaction to only release locks? a) Growing phase b) Shrinking
phase c) Locking phase d) Unlocking phase Answer: b) Shrinking phase

What problem can occur if transactions release locks before committing in basic 2PL? a)
Deadlocks b) Cascading aborts c) Lost updates d) Phantom reads Answer: b) Cascading aborts

Which lock type is compatible with a Shared lock? a) Exclusive lock b) Shared lock c) Update
lock d) Intention-Exclusive lock Answer: b) Shared lock

In Strong Strict 2PL, when are locks released? a) Immediately after use b) At the end of the
transaction c) During the shrinking phase d) When another transaction requests them Answer: b)
At the end of the transaction

What is the main advantage of Strong Strict 2PL over basic 2PL? a) Higher concurrency b) No
cascading aborts c) No need for deadlock detection d) Faster transaction execution Answer: b)
No cascading aborts

Which algorithm uses a waits-for graph for deadlock handling? a) Deadlock prevention b)
Deadlock detection c) Wait-die d) Wound-wait Answer: b) Deadlock detection

In the Wait-Die deadlock prevention scheme, what happens when a younger transaction requests
a lock held by an older transaction? a) The younger transaction waits b) The younger transaction
dies (aborts) c) The older transaction releases the lock d) Both transactions wait Answer: b) The
younger transaction dies (aborts)

What does an Intention-Shared (IS) lock indicate? a) The transaction will update the entire table
b) The transaction may acquire shared locks at finer granularity c) The transaction has exclusive
access to the resource d) The transaction is about to commit Answer: b) The transaction may
acquire shared locks at finer granularity

Which lock mode is compatible with Intention-Exclusive (IX)? a) Shared (S) b) Exclusive (X) c)
Intention-Shared (IS) d) Shared+Intention-Exclusive (SIX) Answer: c) Intention-Shared (IS)

What is the purpose of lock escalation? a) To increase the number of locks held by a transaction
b) To replace many fine-grained locks with fewer coarse-grained locks c) To prevent any locking
from occurring d) To speed up lock acquisition Answer: b) To replace many fine-grained locks
with fewer coarse-grained locks

Which SQL statement is used to explicitly lock rows for update? a) LOCK TABLE b)
SELECT...FOR UPDATE c) BEGIN EXCLUSIVE d) GET LOCK Answer: b) SELECT...FOR
UPDATE
In hierarchical locking, what must a transaction hold on a parent node before acquiring an X lock
on a child? a) S lock b) IS lock c) IX lock d) SIX lock Answer: c) IX lock

Which of the following is NOT guaranteed by basic 2PL? a) Conflict serializability b) Freedom
from deadlocks c) Prevention of dirty reads d) Proper isolation between transactions Answer: b)
Freedom from deadlocks

What happens in the Wound-Wait scheme when a younger transaction holds a lock needed by an
older transaction? a) The older transaction waits b) The younger transaction is aborted c) Both
transactions are aborted d) The lock is automatically upgraded Answer: b) The younger
transaction is aborted

Which of these schedules would be allowed under 2PL but not under Strong Strict 2PL? a) A
schedule where all locks are released at commit b) A schedule with no lock releases before
commit c) A schedule with some locks released before commit d) A schedule with no locks at all
Answer: c) A schedule with some locks released before commit

What is the main disadvantage of deadlock detection compared to deadlock prevention? a) It

requires more system resources b) It cannot handle complex deadlocks c) It only works with
shared locks d) It slows down transaction processing Answer: a) It requires more system
resources

Which lock mode would be most appropriate for a transaction that needs to read an entire table
and update a few rows? a) S b) X c) IS d) SIX Answer: d) SIX

In the lock compatibility matrix, which lock mode is incompatible with all other modes? a) IS b)
IX c) S d) X Answer: d) X

What is the primary purpose of intention locks in hierarchical locking? a) To reduce the number
of locks needed b) To allow concurrent access at different granularities c) To prevent all locking
conflicts d) To speed up lock acquisition Answer: b) To allow concurrent access at different
granularities

Which of the following is NOT a factor typically considered when selecting a deadlock victim? a)
Transaction age b) Number of locks held c) Transaction priority d) CPU usage Answer: d) CPU
usage

What problem can occur if the DBMS checks for deadlocks too infrequently? a) Transactions
may wait unnecessarily long b) Too many false deadlock detections c) Increased lock
compatibility d) Faster transaction processing Answer: a) Transactions may wait unnecessarily
long

Which statement about locks and latches is correct? a) Latches protect database contents during
entire transactions b) Locks protect in-memory data structures during critical sections c) Locks
are held for entire transactions while latches are held during critical sections d) There is no
practical difference between locks and latches Answer: c) Locks are held for entire transactions
while latches are held during critical sections

What is the key difference between conflict serializability and view serializability? a) Conflict
serializability is more restrictive b) View serializability is easier to verify c) Conflict
serializability is what most DBMSs implement d) Both a) and c) Answer: d) Both a) and c)

In hierarchical locking, what must a transaction hold on a table before acquiring an S lock on a
tuple? a) IS b) IX c) S d) X Answer: a) IS

Which of these is NOT a valid strategy for handling deadlocks? a) Deadlock detection b)
Deadlock prevention c) Deadlock ignoring d) Deadlock avoidance Answer: c) Deadlock ignoring

What happens to a transaction's priority when it restarts after being aborted due to a deadlock? a)
It gets a new, higher priority b) It gets a new, lower priority c) It keeps its original
timestamp/priority d) Priority is randomly reassigned Answer: c) It keeps its original
timestamp/priority

Which of these lock types allows the most concurrency? a) X b) S c) IS d) IX Answer: c) IS

What is the main purpose of the growing phase in 2PL? a) To release locks gradually b) To
acquire all needed locks c) To detect deadlocks d) To commit transactions Answer: b) To acquire
all needed locks

Which of these statements about Strong Strict 2PL is FALSE? a) It prevents cascading aborts b)
It allows some locks to be released before commit c) It provides strict serializability d) It's more
restrictive than basic 2PL Answer: b) It allows some locks to be released before commit

True/False Questions (10) Two-Phase Locking guarantees that no deadlocks will occur. Answer:
False

Strong Strict 2PL requires all locks to be held until commit time. Answer: True

A Shared (S) lock is compatible with an Intention-Exclusive (IX) lock. Answer: False

View serializability is more restrictive than conflict serializability. Answer: False

In the Wait-Die scheme, an older transaction will wait for a younger transaction. Answer: False

Lock escalation improves performance by reducing the number of lock requests. Answer: True

Basic 2PL prevents dirty reads by requiring all locks to be held until commit. Answer: False

Intention locks are only needed in hierarchical locking schemes. Answer: True

Deadlock prevention schemes eliminate the need for deadlock detection. Answer: True
The shrinking phase in 2PL allows transactions to acquire new locks. Answer: False

Fill-in-the-Blank Questions (10) The ________ protocol requires transactions to acquire all locks
before releasing any. Answer: Two-Phase Locking (2PL)

________ occurs when one transaction's abort forces other transactions to abort. Answer:
Cascading aborts

The ________ lock mode allows reading an entire table while indicating some rows will be
updated. Answer: SIX (Shared+Intention-Exclusive)

In the ________ deadlock prevention scheme, an older transaction can preempt a younger one.
Answer: Wound-Wait

The ________ graph is used in deadlock detection to identify cycles. Answer: waits-for

________ serializability is what most DBMSs implement because it can be verified efficiently.
Answer: Conflict

To acquire an X lock on a tuple, a transaction must hold at least an ________ lock on the parent
table. Answer: IX (Intention-Exclusive)

The ________ phase in 2PL is when transactions can only release locks, not acquire new ones.
Answer: shrinking

________ locks protect database contents during transactions, while ________ protect in-
memory data structures during critical sections. Answer: Locks, latches

The SQL statement ________ explicitly locks rows for update in a SELECT query. Answer:
SELECT...FOR UPDATE

Ch3-Transactions_Management_and_Concurrency_Control_(2)[1].pptx PPTX 1.86MB select

this pdf 35 multiple choose 10 true or false and 10 blank space all are complex question and with
answer generate all question step by step Database Transaction Management and Concurrency
Control Questions Multiple Choice Questions (35) What does the "A" in ACID properties stand
for? a) Availability b) Atomicity c) Authorization d) Automation Answer: b) Atomicity

Which transaction state occurs after all operations have been executed but before commit? a)
Active b) Partially committed c) Committed d) Terminated Answer: b) Partially committed

What is the primary purpose of a transaction log? a) To improve query performance b) To enable
database recovery c) To reduce storage requirements d) To simplify database design Answer: b)
To enable database recovery
Which concurrency control problem occurs when two transactions update the same data item and
one update is lost? a) Uncommitted data b) Inconsistent retrieval c) Lost update d) Phantom read
Answer: c) Lost update

What is the main difference between interleaved and parallel processing? a) Interleaved uses
multiple CPUs b) Parallel processing uses a single CPU c) Interleaved shares a single CPU d)
Parallel processing is always faster Answer: c) Interleaved shares a single CPU

Which SQL statement permanently records transaction changes in the database? a) BEGIN b)
COMMIT c) SAVE d) END Answer: b) COMMIT

What makes a schedule serializable? a) It executes transactions one after another b) It produces
the same result as some serial schedule c) It uses two-phase locking d) It prevents all
concurrency problems Answer: b) It produces the same result as some serial schedule

Which lock granularity would be most appropriate for a batch process updating an entire table? a)
Row-level b) Page-level c) Table-level d) Field-level Answer: c) Table-level

In the wait/die deadlock prevention scheme, what happens when an older transaction requests a
lock held by a younger transaction? a) The older transaction waits b) The older transaction dies c)
The younger transaction is wounded d) The lock is upgraded Answer: a) The older transaction
waits

Which phase in optimistic concurrency control checks if changes will affect database integrity? a)
Read phase b) Validation phase c) Write phase d) Commit phase Answer: b) Validation phase

What is the main advantage of row-level locking over table-level locking? a) Lower overhead b)
Better performance for batch processing c) Higher concurrency d) Simpler implementation
Answer: c) Higher concurrency

Which ACID property ensures that transactions appear to execute sequentially? a) Atomicity b)
Consistency c) Isolation d) Durability Answer: c) Isolation

What is used to test for conflict serializability? a) Transaction log b) Precedence graph c) Lock
table d) Time stamp Answer: b) Precedence graph

Which concurrency control method requires no locking during transaction execution? a) Two-
phase locking b) Time stamping c) Optimistic d) Shared/exclusive locking Answer: c) Optimistic

What problem occurs when a transaction reads uncommitted data that is later rolled back? a)
Lost update b) Dirty read c) Inconsistent retrieval d) Phantom read Answer: b) Dirty read

Which lock type allows multiple transactions to read but not write the same data item? a)
Exclusive lock b) Shared lock c) Update lock d) Intent lock Answer: b) Shared lock
In two-phase locking, when can a transaction first release a lock? a) After it acquires all needed
locks b) After it completes its first operation c) Before it acquires other locks d) Immediately
after use Answer: a) After it acquires all needed locks

What is the main disadvantage of field-level locking? a) Low concurrency b) High overhead c)
Poor recovery d) Limited to batch processing Answer: b) High overhead

Which transaction property ensures that committed changes persist despite failures? a) Atomicity
b) Consistency c) Isolation d) Durability Answer: d) Durability

What occurs in a cascading rollback? a) Multiple transactions are aborted due to one failure b) A
transaction is automatically restarted c) Locks are automatically released d) The database reverts
to initial state Answer: a) Multiple transactions are aborted due to one failure

Which schedule property prevents cascading rollbacks? a) Recoverable b) Cascadeless c)

Serializable d) Strict Answer: b) Cascadeless

In timestamp ordering, what happens when a younger transaction tries to read data modified by
an older transaction? a) The read is allowed b) The younger transaction is rolled back c) The
older transaction is rolled back d) A deadlock occurs Answer: a) The read is allowed

What is the main purpose of the transaction scheduler? a) To ensure serializability b) To

optimize disk I/O c) To reduce CPU usage d) To simplify SQL statements Answer: a) To ensure
serializability

Which concurrency control problem occurs when aggregate calculations are performed during
updates? a) Lost update b) Uncommitted data c) Inconsistent retrieval d) Deadlock Answer: c)
Inconsistent retrieval

What is the main advantage of optimistic concurrency control? a) No locking overhead during
transaction execution b) Guaranteed deadlock prevention c) Better for high-contention systems d)
Simpler recovery procedures Answer: a) No locking overhead during transaction execution

Which lock type must be used when updating a data item? a) Shared b) Exclusive c) Intent d)
Binary Answer: b) Exclusive

What is the main disadvantage of database-level locking? a) High overhead b) Poor concurrency
c) Complex implementation d) Limited to single-user systems Answer: b) Poor concurrency

Which transaction state occurs after successful completion? a) Partially committed b) Committed
c) Terminated d) Aborted Answer: b) Committed

What is recorded in the transaction log for an update operation? a) Only the new value b) Only
the old value c) Both old and new values d) The SQL statement Answer: c) Both old and new
values
Which concurrency control method uses a waits-for graph? a) Deadlock prevention b) Deadlock
detection c) Two-phase locking d) Optimistic control Answer: b) Deadlock detection

What is the main purpose of the growing phase in two-phase locking? a) To release locks
gradually b) To acquire all needed locks c) To detect deadlocks d) To commit transactions
Answer: b) To acquire all needed locks

Which ACID property requires that transactions maintain database rules? a) Atomicity b)
Consistency c) Isolation d) Durability Answer: b) Consistency

In wound/wait deadlock prevention, what happens when an older transaction requests a lock held
by a younger transaction? a) The older transaction waits b) The older transaction is rolled back c)
The younger transaction is rolled back d) The lock is shared Answer: c) The younger transaction
is rolled back

Which lock type is most compatible with other locks? a) Exclusive b) Shared c) Update d) Intent
Answer: b) Shared

What is the main advantage of page-level locking over row-level locking? a) Higher concurrency
b) Lower overhead c) Better for online systems d) More granular control Answer: b) Lower
overhead

True/False Questions (10) A serial schedule always maintains database consistency. Answer:
True

Binary locking allows multiple transactions to read the same data simultaneously. Answer: False

The transaction log is only used for recovery purposes. Answer: False (also used for auditing and
analysis)

Time stamping methods prevent deadlocks by design. Answer: True

Field-level locking provides the highest concurrency. Answer: True

All serializable schedules are serial. Answer: False

The shrinking phase in 2PL allows transactions to acquire new locks. Answer: False

Optimistic concurrency control works well for high-contention systems. Answer: False

A recoverable schedule prevents cascading rollbacks. Answer: False (only cascadeless schedules
do this)

Database-level locking is suitable for multi-user OLTP systems. Answer: False

Fill-in-the-Blank Questions (10) The ________ property requires that all transaction operations
complete or none do. Answer: atomicity

A ________ schedule is one where the commit order matches the read-write dependencies
between transactions. Answer: recoverable

The ________ graph is used to detect deadlocks in locking-based systems. Answer: waits-for

In optimistic concurrency control, updates are first written to a ________ before validation.
Answer: temporary update file (or private workspace)

________ locking allows multiple transactions to read but only one to write a data item. Answer:
Shared/exclusive

The ________ phase in optimistic concurrency control checks for conflicts with other
transactions. Answer: validation

A ________ lock is required before updating a data item. Answer: exclusive

The ________ property ensures that transactions don't interfere with each other. Answer:
isolation

________ occurs when two transactions wait indefinitely for each other to release locks. Answer:
Deadlock

The ________ method of concurrency control assigns each transaction a unique timestamp.
Answer: timestamp ordering

Ch4-_Database_Recovery[1].pptx PPTX 628.48KB select this pdf 35 multiple choose 10 true or

false and 10 blank space all are complex question and with answer generate all question step by
step Database Recovery Questions Multiple Choice Questions (35) What is the primary purpose
of database recovery? a) To improve query performance b) To restore the database to a
consistent state after failure c) To optimize storage utilization d) To enhance data security
Answer: b) To restore the database to a consistent state after failure

Which two ACID properties are primarily ensured by database recovery? a) Atomicity and
Isolation b) Consistency and Durability c) Atomicity and Durability d) Consistency and Isolation
Answer: c) Atomicity and Durability

What type of failure affects all transactions in progress but doesn't damage the database? a)
Transaction failure b) System failure (soft crash) c) Media failure (hard crash) d) Network failure
Answer: b) System failure (soft crash)

Which recovery facility keeps track of transaction states and database changes? a) Backup
mechanism b) Logging facilities c) Checkpoint facility d) Cache manager Answer: b) Logging
facilities
What information is contained in a log file's before-image? a) The new value after update b) The
old value before update c) The transaction timestamp d) The user who made the change Answer:
b) The old value before update

In transaction recovery, what operation uses after-images from the log file? a) Undo b) Redo c)
Checkpoint d) Rollback Answer: b) Redo

What is the purpose of a checkpoint in database recovery? a) To mark the start of a transaction b)
To synchronize the database and log file c) To delete old log entries d) To optimize query
execution Answer: b) To synchronize the database and log file

Which recovery technique writes updates to the database only after commit? a) Immediate
update b) Deferred update c) Shadow paging d) Write-ahead logging Answer: b) Deferred update

What is the key characteristic of the immediate update technique? a) Updates are written to disk
before commit b) Updates are deferred until after commit c) No logging is required d) Only
shadow copies are modified Answer: a) Updates are written to disk before commit

Which protocol requires that log records be written before database updates? a) Two-phase
commit b) Write-ahead log (WAL) c) Shadow paging d) Checkpoint protocol Answer: b) Write-
ahead log (WAL)

In shadow paging, which page table is used to restore the database after failure? a) Current page
table b) Shadow page table c) Temporary page table d) Backup page table Answer: b) Shadow
page table

Which recovery technique can potentially avoid both undo and redo operations? a) Deferred
update b) Immediate update c) Shadow paging d) Write-ahead logging Answer: c) Shadow
paging

What must be done for transactions that were active at the time of a crash? a) Redo their
operations b) Undo their operations c) Ignore them d) Commit them automatically Answer: b)
Undo their operations

Which type of failure would require restoring from a backup? a) Transaction failure b) System
failure c) Media failure d) Network failure Answer: c) Media failure

What is recorded in a checkpoint record? a) All database values b) Identifiers of active

transactions c) The complete transaction log d) User authentication details Answer: b) Identifiers
of active transactions

Which recovery technique uses a NO-UNDO/REDO scheme? a) Deferred update b) Immediate

update with forced writes c) Shadow paging d) Write-ahead logging Answer: a) Deferred update
What is the first step in recovery when the database is only inconsistent? a) Restore from backup
b) Undo changes causing inconsistency c) Redo all transactions d) Rebuild indexes Answer: b)
Undo changes causing inconsistency

Which component is responsible for achieving atomicity and durability? a) Query optimizer b)
Recovery manager c) Lock manager d) Buffer manager Answer: b) Recovery manager

In the log file, what does an after-image represent? a) The state before modification b) The state
after modification c) The transaction start time d) The operation type Answer: b) The state after
modification

What must be done for transactions that committed after the last checkpoint? a) Undo their
operations b) Redo their operations c) Ignore them d) Roll them back Answer: b) Redo their
operations

Which recovery technique maintains two page tables? a) Deferred update b) Immediate update c)
Shadow paging d) Write-ahead logging Answer: c) Shadow paging

What is the purpose of the write-ahead log protocol? a) To ensure logs are written before
database updates b) To defer all writes until commit c) To eliminate the need for checkpoints d)
To optimize log storage Answer: a) To ensure logs are written before database updates

Which type of failure might be caused by a disk head crash? a) Transaction failure b) System
failure c) Media failure d) Application failure Answer: c) Media failure

In deferred update, when are changes written to the database? a) Immediately as they occur b)
After the transaction commits c) During checkpoint d) Never - only logs are updated Answer: b)
After the transaction commits

What is the main advantage of shadow paging? a) It requires less storage b) It can potentially
avoid both undo and redo c) It's faster for read-only transactions d) It eliminates the need for
concurrency control Answer: b) It can potentially avoid both undo and redo

Which recovery technique typically uses an UNDO/REDO scheme? a) Deferred update b)

Immediate update without forced writes c) Shadow paging d) Checkpoint-only recovery Answer:
b) Immediate update without forced writes

What is the correct order of scanning the log file for undo operations? a) Forward from the
beginning b) Backward from the end c) Forward from the last checkpoint d) Random access
Answer: b) Backward from the end

Which transaction state would require undo operations during recovery? a) Committed b)
Partially committed c) Active d) Terminated Answer: c) Active
What is the main disadvantage of shadow paging? a) It requires maintaining multiple versions of
data b) It's incompatible with ACID properties c) It cannot handle system failures d) It's slower
than other methods Answer: a) It requires maintaining multiple versions of data

Which operation would be needed if a system fails after commit but before all changes are
written to disk? a) Undo b) Redo c) Checkpoint d) Rollforward Answer: b) Redo

What is the purpose of the before-image in the log? a) To redo operations b) To undo operations
c) To verify constraints d) To optimize queries Answer: b) To undo operations

Which recovery technique is most commonly used in practice? a) Deferred update b) Immediate
update with WAL c) Shadow paging d) Checkpoint-only Answer: b) Immediate update with
WAL

What must be done if a transaction had not committed at failure time? a) Redo its operations b)
Undo its operations c) Commit it automatically d) Ignore it Answer: b) Undo its operations

In shadow paging, what happens to the current page table when a transaction completes? a) It is
discarded b) It becomes the shadow page table c) It is merged with the log d) It is written to
backup Answer: b) It becomes the shadow page table

Which facility enables updates to be made permanent at specific points? a) Backup mechanism b)
Logging facility c) Checkpoint facility d) Recovery manager Answer: c) Checkpoint facility

True/False Questions (10) Database recovery only deals with media failures. Answer: False
(deals with all types of failures)

The recovery manager is responsible for ensuring atomicity and durability. Answer: True

In deferred update, undo operations are never needed. Answer: True

Checkpoints eliminate the need for log files. Answer: False

Shadow paging maintains two complete copies of the database. Answer: False (maintains two
page tables, not complete copies)

The write-ahead log protocol requires that logs be written after database updates. Answer: False
(must be written before updates)

Redo operations use the before-images from the log. Answer: False (use after-images)

Media failures typically require restoring from backup. Answer: True

Immediate update always forces all writes to disk before commit. Answer: False (only in some
implementations)
Transaction failures affect all transactions currently in progress. Answer: False (system failures
affect all transactions in progress)

Fill-in-the-Blank Questions (10) The ________ manager is responsible for database recovery
operations. Answer: recovery

________ failures damage the database itself and require backup restoration. Answer: Media (or
hard crash)

The ________ image in the log is used for undo operations. Answer: before

________ update writes changes to the database only after transaction commit. Answer:
Deferred

The ________ protocol ensures log records are written before database updates. Answer: write-
ahead log (WAL)

A ________ is a synchronization point between the database and log file. Answer: checkpoint

________ paging maintains two page tables during transaction execution. Answer: Shadow

For transactions active at crash time, recovery must ________ their operations. Answer: undo

The ________ recovery technique can potentially avoid both undo and redo operations. Answer:
shadow paging

________ operations are needed for committed transactions after the last checkpoint. Answer:
Redo

Ch5-Database_Security[1].pptx PPTX 851.34KB select this pdf 35 multiple choose 10 true or

false and 10 blank space all are complex question and with answer generate all question step by
step Database Security Questions Multiple Choice Questions (35) Which of the following is
NOT one of the main objectives of database security? a) Confidentiality b) Integrity c)
Availability d) Durability Answer: d) Durability

What does the "C" in the "BRAVE" acronym for database security threats stand for? a)
Cryptography b) Confidentiality c) Consistency d) Classification Answer: (Trick question -
"BRAVE" stands for Backup/Journaling, RAID, Authorization, Views, Encryption)

Which security mechanism creates virtual relations to hide parts of the database? a) Encryption b)
Views c) RAID d) Journaling Answer: b) Views

In access control terminology, what is considered the "active entity"? a) Object b) Subject c)
Privilege d) Operation Answer: b) Subject
Which access control policy allows object owners to determine access rights? a) Mandatory
Access Control (MAC) b) Role-Based Access Control (RBAC) c) Discretionary Access Control
(DAC) d) Rule-Based Access Control Answer: c) Discretionary Access Control (DAC)

What is the purpose of the GRANT OPTION in SQL? a) To allow the grantee to revoke
privileges b) To allow the grantee to further grant the privilege c) To limit the duration of the
privilege d) To encrypt the granted data Answer: b) To allow the grantee to further grant the
privilege

In Mandatory Access Control (MAC), what is the "no read up" rule? a) Subjects can only read
objects of equal or higher classification b) Subjects can only read objects of equal or lower
classification c) Subjects can read any object with proper authentication d) Subjects must write
before reading Answer: b) Subjects can only read objects of equal or lower classification

Which security measure uses data striping across multiple disks? a) Backup b) RAID c)
Encryption d) Views Answer: b) RAID

What is the primary advantage of Role-Based Access Control (RBAC)? a) It's the most secure
access control method b) It simplifies privilege management for groups of users c) It eliminates
the need for authentication d) It provides the fastest access to data Answer: b) It simplifies
privilege management for groups of users

Which SQL statement would revoke SELECT privileges on a table from a user? a) DELETE
SELECT ON table FROM user b) REMOVE SELECT ON table FROM user c) REVOKE
SELECT ON table FROM user d) CANCEL SELECT ON table FOR user Answer: c) REVOKE
SELECT ON table FROM user

What is the purpose of encryption in database security? a) To improve query performance b) To

make data unreadable without proper decryption c) To compress database files d) To create
backup copies Answer: b) To make data unreadable without proper decryption

Which component of database security deals with verifying user identities? a) Authorization b)
Authentication c) Accounting d) Auditing Answer: b) Authentication

In MAC, what determines a subject's access rights? a) The object owner b) The system
administrator c) The subject's role d) The subject's preferences Answer: b) The system
administrator

What happens when a privilege is revoked from a user who had GRANT OPTION? a) Only that
user loses the privilege b) All users granted the privilege by that user also lose it c) The privilege
is transferred to another user d) The object is automatically encrypted Answer: b) All users
granted the privilege by that user also lose it

Which of these is NOT typically considered part of database security scope? a) Hardware b)
Software c) People d) Network latency Answer: d) Network latency
What is the primary purpose of the access control matrix? a) To optimize query performance b)
To define which subjects can access which objects with what rights c) To encrypt sensitive data
d) To create database backups Answer: b) To define which subjects can access which objects
with what rights

Which security level would be highest in a military MAC system? a) Unclassified b) Restricted c)
Confidential d) Top Secret Answer: d) Top Secret

What is the main vulnerability of Discretionary Access Control (DAC)? a) It's too complex to
manage b) Privileges can propagate uncontrollably c) It requires constant password changes d) It
slows down database performance Answer: b) Privileges can propagate uncontrollably

Which SQL command would create a role called "manager"? a) ADD ROLE manager b)
CREATE ROLE manager c) NEW ROLE manager d) MAKE ROLE manager Answer: b)
CREATE ROLE manager

In RBAC, what is assigned to users to determine their privileges? a) Security classifications b)

Roles c) Ownership rights d) Encryption keys Answer: b) Roles

What is the primary benefit of data striping in RAID? a) Improved I/O performance through
parallelism b) Automatic encryption of data c) Elimination of the need for backups d) Simplified
user authentication Answer: a) Improved I/O performance through parallelism

Which security mechanism would be most appropriate for protecting data during transmission? a)
Views b) RAID c) Encryption d) Journaling Answer: c) Encryption

What is the main characteristic of Mandatory Access Control (MAC)? a) Flexible, user-defined
access rules b) Centralized, administrator-defined security policy c) Role-based privilege
assignment d) Automatic privilege propagation Answer: b) Centralized, administrator-defined
security policy

Which of these would be considered an "object" in access control terms? a) A database user b) A
table or record c) An application program d) A network connection Answer: b) A table or record

What happens when you GRANT a privilege WITH GRANT OPTION? a) The privilege cannot
be revoked b) The grantee can grant the privilege to others c) The privilege is automatically
encrypted d) The privilege expires after a set time Answer: b) The grantee can grant the privilege
to others

Which security measure helps ensure data availability in case of hardware failure? a) Views b)
RAID technology c) Encryption d) Access control lists Answer: b) RAID technology

In MAC, what is the "no write down" rule? a) Subjects can only write to objects of equal or
higher classification b) Subjects can only write to objects of equal or lower classification c)
Subjects must read before writing d) Subjects can't write to encrypted objects Answer: a)
Subjects can only write to objects of equal or higher classification
What is the primary purpose of creating a view for security purposes? a) To improve query
performance b) To restrict the data visible to certain users c) To encrypt sensitive data d) To
create backup copies Answer: b) To restrict the data visible to certain users

Which database security component is responsible for maintaining a log of changes? a) Backup
system b) Journaling system c) Encryption module d) Access control manager Answer: b)
Journaling system

What is the main advantage of RBAC over individual user privileges? a) It provides stronger
encryption b) It's more flexible for ad-hoc queries c) It simplifies security administration d) It
eliminates the need for authentication Answer: c) It simplifies security administration

Which SQL command would grant UPDATE privileges on only the salary column? a) GRANT
UPDATE(salary) ON employee TO user b) GRANT UPDATE ON employee.salary TO user c)
GRANT salary UPDATE ON employee TO user d) GRANT UPDATE ON employee COLUMN
salary TO user Answer: a) GRANT UPDATE(salary) ON employee TO user

What is the primary security risk that RAID technology addresses? a) Unauthorized access b)
Data corruption c) Disk drive failures d) Weak passwords Answer: c) Disk drive failures

In DAC, who typically owns a newly created database table? a) The DBA b) The user who
created it c) The system administrator d) All users with create privileges Answer: b) The user
who created it

Which security mechanism transforms data into unreadable form without the proper key? a)
Views b) RAID c) Encryption d) Journaling Answer: c) Encryption

What is the main purpose of the "no read up" rule in MAC? a) To prevent subjects from viewing
sensitive information b) To improve database performance c) To simplify privilege management
d) To enable data sharing Answer: a) To prevent subjects from viewing sensitive information

True/False Questions (10) Database security only concerns protecting against intentional threats.
Answer: False (also protects against accidental threats)

Views can be used as a security mechanism to restrict data access. Answer: True

In DAC, privileges granted WITH GRANT OPTION cannot be revoked. Answer: False

RBAC assigns privileges directly to individual users. Answer: False (assigns privileges to roles,
then roles to users)

The "no write down" rule in MAC prevents users from writing to lower classification levels.
Answer: True

RAID technology eliminates the need for database backups. Answer: False
Authentication verifies what actions a user is allowed to perform. Answer: False (authentication
verifies identity, authorization verifies actions)

Encryption is primarily used to improve database performance. Answer: False

In MAC, security classifications are determined by object owners. Answer: False (determined by
system administrators)

Journaling maintains a log of database changes for recovery purposes. Answer: True

Fill-in-the-Blank Questions (10) The ________ property ensures authorized users can access
data when needed. Answer: availability

________ is the process of verifying a user's identity. Answer: Authentication

The ________ access control policy is most commonly used in military systems. Answer:
Mandatory (or MAC)

________ privileges allow a user to grant their privileges to others. Answer: WITH GRANT
OPTION

The SQL command ________ removes privileges from a user. Answer: REVOKE

________ creates virtual tables that restrict data visibility. Answer: Views

In MAC, the ________ rule prevents writing to lower security levels. Answer: no write down

________ technology uses multiple disks to improve reliability and performance. Answer: RAID

The ________ security principle prevents unauthorized data modification. Answer: integrity

________ Access Control assigns privileges based on job functions rather than individual users.
Answer: Role-Based (or RBAC)