Oracle Database Vault (https://www.oracle.com/database/technologies/security/db-vault.html ) could serve your needs.
However, Database Vault is not available for Oracle 18c XE.
Please remember that the Express Edition is free software which does not provide all features of the Oracle Enterprise.
You may want to consider the Oracle Cloud Autonomous Transaction Processing (free tier is available) for a scenario where data security is a high concern.
Security wise You are definitely missing something.
If you are concerned people have access to the user who created the database then do something about that.
But in the end, the user that installed the database can use 'sqlplus / as sysdba' to turn it all around, or even orapwd.exe I guess.
What do you mean by turning it around?
Btw, "as sysdba" uses OS authentication provided you are a local user belonging to the OSDBA system group. It always connects to the SYS schema regardless of the user and password you specify. It does not rely on any user or password inside the database. You can also use "humpty/dumpty as sysdba".
The ability to prevent the DBA from seeing your data requires $$$.
Oracle Database Vault would be what you'd use.
I don't know if Oracle Cloud (free tier) implements this or not.
If the Paid Tier does, I'm sure an Oracle Sales Rep will let you know.
I have some sensitive data I wish to install in an Oracle 18c XE
Many people will say that "installing on unpatched, unsupported version of Oracle" would be your first mistake.
If you want to keep data as secure as you seem to claim, you will use the most recent version with the most up-to-date patches. ( I believe Oracle Cloud does this for you automatically)
It sounds like you are trying to install "private data" on a laptop.
I would say "That is a mistake" also.
One of the first questions asked by "various entities that verify you are following Best Practices for data security" is:
Are the physical computers located in a physically controlled area with limited physical access?
(or something to that affect)
By its very nature, a laptop does not fall into this category.
If you want to protect the data as much as you claim, you would start by ensuring your data is located in a place that can answer this question with a "YES".
I'm assuming Oracle Cloud fits that description.
Mistake 3 (joke)
Others would say that this is your 2nd mistake. But, I'll classify that as a more of a "religious" debate. Please take this statement as a joke.
I'm pretty sure that Oracle Cloud (ATP/ADW) is not on Windows.
AFAIK - Oracle Cloud tablespaces are already using TDE by default.
I forgot where I read it. I'm not sure if that is true for Free Tier.
Oracle Cloud accounts
When you create an Autonomous Database (automatic Transaction Processor [ATP]/Automatic Data Warehouse [ADW]) on Oracle Cloud, you start off with one DBA account ( ADMIN ).
From there, you can add other users (including an APEX Workspace).
Another win for Oracle Cloud: You get 20GB on Oracle Cloud Free Tier. You get 12GB on XE.
Overall, if you want to keep private data private (while using free stuff), you'll use the Oracle Cloud Free Tier, not XE
Best of all: It is free
PS - When I created my account, It asked for a Credit Card. The system made (and then reascended) a $1 charge. My bank sent me an Alert for that charge.