oracle 200x118 wht
7926  Reviews star_rate star_rate star_rate star_rate star_half

Oracle Database Security Administration

This Oracle Database Security Administration training course teaches attendees how to leverage the security features built into the Oracle database. Skills Gained Learn about the security issues that...

Read More
Course Code ORC-408
Duration 3 days
Available Formats Classroom

This Oracle Database Security Administration training course teaches attendees how to leverage the security features built into the Oracle database.

Skills Gained

  • Learn about the security issues that must be addressed
  • Work with Oracle’s standard security capabilities
  • Use the Advanced Security Option

Prerequisites

  • Understanding of Oracle database and instance architecture
  • Familiarity with SQL and basic PL/SQL
  • Able to work with Linux command-line tools

Course Details

Outline

Introduction

  • Standards and risks: assessing the need
  • Developing a security policy
  • Multi-layered security: defense in depth
  • Selecting a security solution

SQL Injection

  • What is SQL injection?
  • How can injections be made?
  • How can attempted injections be blocked?

User Authentication

  • Authentication delegated to the operating system
  • Administrative user authentication
  • Use of a password file
  • Data dictionary password authentication
  • Proxy authentication
  • Using the external secure password store
  • Authentication by external services

Basic Access Control with Roles and Privileges

  • Direct system and object privileges
  • Grouping privileges into roles
  • Enabling and disabling roles

Some More Advanced Topics with Roles and PL/SQL

  • Secure application roles
  • Assigning roles through OS authentication
  • The PL/SQL privilege model: definers and invokers rights code
  • Code-based access control
  • Privilege inheritance and controlling privilege escalation
  • Privilege usage analysis

Database links

  • Public and private database links
  • Authentication options for links
  • Security risks and auditing of links

Virtual Private Database

  • Local and global application contexts
  • Using contexts for fine grained access control
  • Row level security
  • VPD performance issues

Control Access to the Operating System

  • Access to the server file system with PL/SQL
  • Use of directories
  • Access to network facilities with PL/SQL
  • Use of Scheduler external jobs
  • External procedure

Encryption Within the Database

  • Programmatic data encryption
  • Transparent column encryption
  • Transparent tablespace encryption
  • Key management

Encryption Outside the Database

  • Encryption in the redo stream
  • Encrypted backups
  • Encrypting in export dumps

Concealing Data

  • The Data Masking Pack
  • Data redaction
  • Transparent Sensitive Data Protection

Network Security

  • Encrypting network traffic
  • Access control with Oracle Net
  • Access control with the Connection Manager

Audit

  • Traditional audit: users, privileges, and objects
  • Fine Grained Auditing
  • Auditing SYS activity
  • Auditing with triggers
  • Unified audit

Conclusion