👁 0
Q: What is dynamic SQL?
Answer:
Dynamic SQL constructed at runtime. PREPARE creates executable. EXECUTE runs it. EXECUTE IMMEDIATE for one-time. DECLARE CURSOR for queries. More flexible but less efficient than static. Security concerns (injection).
👁 0
Q: Explain VIEW creation
Answer:
VIEW is saved query. CREATE VIEW name AS SELECT... WITH CHECK OPTION enforces WHERE on updates. Can be updatable if simple. Views for security, simplification. Materialized views (MQT) store data.
👁 0
Q: What is GRANT and REVOKE?
Answer:
GRANT gives privileges: GRANT SELECT ON table TO user. REVOKE removes: REVOKE SELECT ON table FROM user. Privileges: SELECT, INSERT, UPDATE, DELETE, EXECUTE. WITH GRANT OPTION allows re-granting. Essential for security.
👁 0
Q: What is Distributed Data Facility (DDF)?
Answer:
DDF enables remote DB2 access. TCP/IP and SNA connectivity. DRDA protocol. Location name identifies target. Three-part names: location.schema.table. Network security considerations.
👁 0
Q: What is ERASE on DELETE?
Answer:
ERASE overwrites data with binary zeros. Physical erase before space release. Security requirement for sensitive data. Takes time. Without ERASE, data remains until overwritten.
👁 0
Q: How to force uncataloged?
Answer:
VOL=SER=volume forces uncataloged access. DISP=(OLD,KEEP). System searches specified volume, not catalog. UNIT required. Bypasses catalog entirely. Useful for specific volume access. Security still applies.
👁 0
Q: Explain PCT
Answer:
PCT (Program Control Table) defines transactions. Now RDO TRANSACTION. Links TRANSID to initial program. Security, priority, other options. CEDA DEFINE TRANSACTION.
👁 0
Q: What is stored procedure?
Answer:
Stored procedure is saved SQL code. CREATE PROCEDURE name(params) BEGIN SQL statements END. CALL name(values) executes. Can have IN/OUT/INOUT parameters. Reduces network traffic. Logic in database. Security benefits.
👁 0
Q: How to prevent SQL injection?
Answer:
Use parameter markers (?), not concatenation. PREPARE stmt FROM 'SELECT * FROM t WHERE c = ?'. EXECUTE stmt USING :hostvar. Never build SQL with user input directly. Validate input. Use static SQL when possible.
👁 0
Q: What is zparm?
Answer:
ZPARM (DSNZPARMs) are DB2 installation parameters. Control system behavior, limits, defaults. DSNZPARM module loaded at startup. Changes need restart usually. Critical for performance and security tuning.
👁 0
Q: What is ERASE parameter?
Answer:
ERASE overwrites data on delete. DELETE CLUSTER ERASE. Security feature - data unrecoverable. Without ERASE, space released but data remains. Use for sensitive data.
👁 0
Q: What causes S913 abend?
Answer:
S913 is security violation. Not authorized to dataset or resource. Check: RACF/ACF2/TopSecret permissions, dataset profile, user authority level. S913-38 means insufficient access. Contact security administrator.
👁 0
Q: What is RETPD parameter?
Answer:
RETPD=nnn specifies retention days. Cannot delete until expired. EXPDT=yyddd for specific date. EXPDT=99365 or RETPD=9999 for permanent. Security software may override. Affects tape and disk datasets.
👁 0
Q: Explain EXPDT parameter?
Answer:
EXPDT=yyddd or EXPDT=yyyyddd expiration date. After this date, dataset can be deleted. EXPDT=99365 effectively permanent (1999 or 2099). RETPD alternative. Security software may enforce or override.
👁 0
Q: How to handle CICS security?
Answer:
RACF/ACF2 integration. EXEC CICS QUERY SECURITY. SIGNON establishes identity. VERIFY checks resource access. XFCT/XPPT exits. Secure by default.
👁 0
Q: What is CICS resource protection?
Answer:
Protection via RACF/external security. SEC=YES on region. QUERY SECURITY for checks. SECLABEL for levels. Program security attributes.