In this course, the students learn how they can use Oracle database features to meet the security requirements of their organization. They learn how to secure their database and how to use the database features that enhance security. The course starts with basic database security features, and progresses to basic Oracle Network features. Also covered are using Connection Manager as a firewall, middle tier authentication, virtual private database, various forms of database auditing, and introductions to Oracle Label Security and Enterprise Identity Management.
Use basic database security features
Manage secure application roles
Secure the database and its listener
Manage users using proxy authentication with an application context
Manage secure application roles
Implement fine-grain access control
Manage the Virtual Private Database (VPD)
Posluchači
Database Administrators
Sales Consultants
Support Engineer
Technical Consultant
Předpoklady
Znalosti z kurzu Oracle Database 10g - Administration I
Cíle kurzu
Using basic database security features
Choosing a user authentication model
Securing the database and its listener
Managing users using proxy authentication with an application context
Managing secure application roles
Implementing fine-grain access control
Managing the Virtual Private Database (VPD)
Implementing fine-grain auditing
Implementing a simple CMAN Firewall
Encrypting and Decrypt table columns
Setting up a Label Security policy
Témata kurzu
Introduction
Describe the fundamental security requirements
Describe the principle of least privilege
Develop checklists
Basic Database Security
Apply the principle of least privilege to the database
Maintain current software (Critical Patch Update)
Lock and expire default user accounts
Change default user passwords
Create Strong Passwords
Enforce password management
Protect the data dictionary
Revoke unnecessary privileges from PUBLIC
Database Auditing
Implement basic database auditing
Implement the Privileged User Auditing
Implement Fine-Grained Auditing (FGA)
Maintain FGA policies
Implement an FGA audit event handler
Read FGA audit events from the FGA audit trail
Oracle Net Services Security Checklists
Describe the items on the security checklist
Limit the privileges of the listener
Secure External Procedures
Restrict access by IP address
Mitigate the effects of a DoS attack
Audit network connections using logs
Describe the issues with client authentication
Describe the role of ASO in Network Security
Using Connection Manager as a Firewall
Configure Connection Manger to accept and reject connection requests
Configure Connection Manager to log connection events
Read connection events from the Connection Manger log
Application Context
Describe the types of application contexts
Describe how application context is used with proxy users and FGAC
Implement a local context
Fine-Grained Access Control
Describe how FGAC and VPD work
Implement FGAC or VPD
Group policies
Label Security
Describe Label Security
Install Label Security
Implement a simple Label Security Policy
Enterprise Identity Management
Describe the Infrastructure required for EIM
Create an Enterprise User
Integrate the Enterprise User with Database Security
Audit the Enterprise User
Middle-tier authentication
Describe how proxy authentication works
Manage users being authenticated using proxy authentication
Describe how secure application roles work
Manage roles and users using secure application roles
Encrypting Table Data
Describe the encryption options available with Oracle Database 10g
Generate random encryption keys
Encrypt and decrypt table columns
Securing SQL*Plus and iSQL*Plus
Describe how the PRODUCT_USER_PROFILE (PUP) table is used in SQL*Plus
Use the PUP table to disable commands or roles in SQL*Plus using PUP
Describe how users access iSQL*Plus
Disable and enable iSQL*Plus
Enable DBA access to iSQL*Plus
Enable iSQL*Plus authentication for users
Restrict the database instances accessible through iSQL*Plus