OCP 1Z0 052 37

37. You execute the following command to audit database activities: 
SQL> AUDIT DROP ANY TABLE BY scott BY SESSION WHENEVER SUCCESSFUL; 
What is the effect of this command? 
A.One audit  record  is created  for every successful DROP TABLE command executed  in  the session of 
SCOTT. 
B.One audit record is generated for the session when SCOTT grants the DROP ANY TABLE privilege to 
other users. 
C.One audit record is created for the whole session if user SCOTT successfully drops one or more tables 
in his session. 
D.One audit record is created for every session of any other user in which a  table owned by SCOTT is 
dropped successfully.  
E.One audit record is created for every successful DROP TABLE command executed by any user to drop 
tables owned by SCOTT. 
Answer: C  

SQL> show user
USER is "SYS"
SQL> AUDIT DROP ANY TABLE BY scott BY SESSION WHENEVER SUCCESSFUL;
AUDIT DROP ANY TABLE BY scott BY SESSION WHENEVER SUCCESSFUL
                                 *
ERROR at line 1:
ORA-32595: DDL statement cannot be audited with BY SESSION specified


SQL> AUDIT DROP ANY TABLE BY scott BY access WHENEVER SUCCESSFUL;

Audit succeeded.

유행 이 지난 문제, BY SESSION 의 설명 참조
BY SESSION
In earlier releases,  BY   SESSION  caused the database to write a single record for all SQL statements or operations of the same type executed on the same schema objects in the same session. Beginning with this release of Oracle Database, both  BY   SESSION  and  BY   ACCESS  cause Oracle Database to write one audit record for each audited statement and operation.  BY   SESSION  continues to populate different values to the audit trail compared with  BY   ACCESS . Oracle recommends that you include the  BY   ACCESS  clause for all  AUDIT  statements, which results in a more detailed audit record. If you specify neither clause, then  BY SESSION  is the default.
Note: This change applies only to schema object audit options, statement options and system privileges that audit SQL statements other than data definition language (DDL) statements.
The database has always audited  BY   ACCESS  all SQL statements and system privileges that audit a DDL statement.
SQLRF55571BY ACCESS
Specify  BY   ACCESS  if you want Oracle Database to write one record for each audited statement and operation.
Note: If you specify either a SQL statement shortcut or a system privilege that audits a data definition language (DDL) statement, then the database always audits by access. In all other cases, the database honors the  BY   SESSION  or  BY   ACCESS  specification.
For statement options and system privileges that audit SQL statements other than DDL, you can specify either  BY   SESSION  or  BY   ACCESS .  BY   SESSION  is the default.