Oracle Database 10g: Security

Kurz na míru

Základní info

In this course, the students learn how they can use Oracle database features to meet the security requirements of their organization. They learn how to secure their database and how to use the database features that enhance security. The course starts with basic database security features, and progresses to basic Oracle Network features. Also covered are using Connection Manager as a firewall, middle tier authentication, virtual private database, various forms of database auditing, and introductions to Oracle Label Security and Enterprise Identity Management.

Use basic database security features
Manage secure application roles
Secure the database and its listener
Manage users using proxy authentication with an application context
Manage secure application roles
Implement fine-grain access control
Manage the Virtual Private Database (VPD)


Posluchači
Database Administrators
Sales Consultants
Support Engineer
Technical Consultant

Předpoklady
Znalosti z kurzu Oracle Database 10g - Administration I

Cíle kurzu
Using basic database security features
Choosing a user authentication model
Securing the database and its listener
Managing users using proxy authentication with an application context
Managing secure application roles
Implementing fine-grain access control
Managing the Virtual Private Database (VPD)
Implementing fine-grain auditing
Implementing a simple CMAN Firewall
Encrypting and Decrypt table columns
Setting up a Label Security policy




Témata kurzu

Introduction
Describe the fundamental security requirements
Describe the principle of least privilege
Develop checklists

Basic Database Security
Apply the principle of least privilege to the database
Maintain current software (Critical Patch Update)
Lock and expire default user accounts
Change default user passwords
Create Strong Passwords
Enforce password management
Protect the data dictionary
Revoke unnecessary privileges from PUBLIC

Database Auditing
Implement basic database auditing
Implement the Privileged User Auditing
Implement Fine-Grained Auditing (FGA)
Maintain FGA policies
Implement an FGA audit event handler
Read FGA audit events from the FGA audit trail

Oracle Net Services Security Checklists
Describe the items on the security checklist
Limit the privileges of the listener
Secure External Procedures
Restrict access by IP address
Mitigate the effects of a DoS attack
Audit network connections using logs
Describe the issues with client authentication
Describe the role of ASO in Network Security

Using Connection Manager as a Firewall
Configure Connection Manger to accept and reject connection requests
Configure Connection Manager to log connection events
Read connection events from the Connection Manger log

Application Context
Describe the types of application contexts
Describe how application context is used with proxy users and FGAC
Implement a local context

Fine-Grained Access Control
Describe how FGAC and VPD work
Implement FGAC or VPD
Group policies

Label Security
Describe Label Security
Install Label Security
Implement a simple Label Security Policy

Enterprise Identity Management
Describe the Infrastructure required for EIM
Create an Enterprise User
Integrate the Enterprise User with Database Security
Audit the Enterprise User

Middle-tier authentication
Describe how proxy authentication works
Manage users being authenticated using proxy authentication
Describe how secure application roles work
Manage roles and users using secure application roles

Encrypting Table Data
Describe the encryption options available with Oracle Database 10g
Generate random encryption keys
Encrypt and decrypt table columns

Securing SQL*Plus and iSQL*Plus
Describe how the PRODUCT_USER_PROFILE (PUP) table is used in SQL*Plus
Use the PUP table to disable commands or roles in SQL*Plus using PUP
Describe how users access iSQL*Plus
Disable and enable iSQL*Plus
Enable DBA access to iSQL*Plus
Enable iSQL*Plus authentication for users
Restrict the database instances accessible through iSQL*Plus

Oracle Database 10g: Security

Kontakt na dodavatele získáte po registraci

Tento kurz je pořádán dodavatelem, který nevyužívá placenou prezentaci na portálu Abravito.

Kontaktní údaje na dodavatele získáte po registraci.

Nebo použijte poptávkový formulář.