4f Security Of Distibuted Databases

Question 0

The directors are to distribute their MIS database to all salons.

Explain four recommendations that you would make to the directors of the salons to make the distributed database(s) more secure.

Answer 0

One mark for recommendation, one for expansion eg
 user names / passwords (1) this will prevent unauthorised
access (1)
 use of secure links (1) needed when updating database to
ensure no interception takes place during transmission (1)
 virus protection / anti-spyware (1) updated regularly at each
location to guard against latest versions and prevent
intrusion (1)
 firewall (1) to examine / control data coming into and out of
the system to prevent unauthorised users gaining entry to the database / executing any programs which may affect its running (1)
 access levels / rights (1) limits individuals at each site as to what they can do/see and maintains the integrity of the data (1)
 individual made responsible for security / physical security at each location (1) locked doors / security patrols will ensure only authorised people will be allowed in (1)
 auditing of database changes (1) transaction logs will identify any unauthorised changes that have taken place (1)
 encryption of data (1) this will make it meaningless if it is intercepted (1)

Question 1

The directors are concerned about the security of the hotel databases.
Describe three security issues that are associated with distributed databases. (6)

Answer 1

risk of virus (1) can spread from one database to
others (1)
 increased risk of hacking (1) because of multiple
locations (1)
 unencrypted data (1) greater risk of interception
during transmission (1)
 control of access to data (1) to ensure only those
who need access are authorised (1)
 risk of data not being synchronised (1) when
updating databases (1)
 physical security (1) to areas containing access
points (1)
[6]