* Question:

In which 2 situations would Fine-Grained Auditing be beneficial:

You need to track all accesses of the EMPLOYEE table.
You need to identify all users who updated the CUSTOMER table on a
specific date.
You want to be able to compare the before and after values of each
update of the PRICE column of the PRODUCT table.
You want to alert the Human Resources Administrator any time someone
accesses an executive's salary in the EMPLOYEE table.
You want to allow unaudited access to the CONTACT_ ADDRESS column of the
CUSTOMER table from within your organization, but track any access to
the CONTACT_ADDRESS column that occurs via the Internet.

* Answer

FGA is for "select" only. Therefore the first 3 choices are
immediately eliminated.

Choice d is obviously qualified. In dbms_fga.add_policy, salary would
be the audit_column, employee would be the object_name, and executive
title would be in audit_condition.

Choice e is also possible - by extending choice d a little. In
audit_condition, you check who the querying user is by using
SYS_CONTEXT. For example, you can create a user group id fuction like:

create or replace function groupid return number as
igrp number;
begin
select groupid into igrp from usergrp where
username=sys_context('userenv','session_user');
return igrp;
end;

it looks up a user table called usergrp which identifies the querying
user as internal or external. Assuming that for this case, 1 is
internal and 2 is external, you can specify audit_condition as

groupid=2;

for the Internet users who you want to track. Internal users will fail
the audit condition and will therefore not be audited.