SQL security administration: The GRANT statement is used to perform which of the following actions in a database system?

Introduction / Context:
Controlling access is central to database security. SQL provides GRANT and REVOKE to manage who can do what. Understanding GRANT helps administrators delegate capabilities properly.

Given Data / Assumptions:

• Users and roles exist in the database security model.
• Objects include schemas, tables, views, procedures, and more.
• Privileges include system-level and object-level permissions.

Concept / Approach:
GRANT assigns privileges. System privileges (e.g., CREATE SESSION), object privileges (e.g., SELECT on a table), and roles can be granted to users or roles. Auditing configuration is separate; simply allowing ‘‘database access’’ without privileges is not how secure systems work.

Step-by-Step Solution:

Verification / Alternative check:
Example: GRANT SELECT ON schema.table TO analyst_role; GRANT CREATE USER TO dba_assistant; confirms GRANT's function.

Why Other Options Are Wrong:

• Auditing choices are configured via auditing features, not GRANT.
• ‘‘Allow user to create databases only’’: too narrow and vendor-specific.
• ‘‘Allow user to access databases’’: access requires explicit privileges—administered via GRANT, but the correct description must name privileges/roles.

Common Pitfalls:
Assuming ‘‘access’’ is an on/off switch; in relational databases, access is granular and controlled via privileges granted to principals.

Final Answer:
Grant system privileges, roles, and object privileges to users and roles