5.1 Database Security Flashcards

1
Q

What is Database Security?

A

A set of established standards, procedures, policies and tools used to protect the contents of our database from theft, intrusions misuse & attacks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are the Database Security Objectives?

A

Confidentiality
Availability
Integrity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What types of data can be stolen from databases (theft of information)?

A

Personal data - who lives where
Bank account data
Business data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What needs to be considered in a risk assessment?

A

Risk assessments applies to database as well as other system areas but specifically look at:
What are the assets that need protection?
What costs would the threats occur?
Is the whole database vulnerable or a specific part?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are the threats involved?

A

System crashes, resulting in loss of main memory
Media failures, resulting in loss of parts of secondary storage
Application software errors
Natural physical disasters
Carelessness or unintentional destruction of data or facilities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What needs to be considered in a threat assessment?

A

Threat impact may depend on a number of factors:
Whether or not alternative hardware & software can be used
When the last backups were taken
Time needed to restore the system
Whether or not the lost data can be recovered or recaptured

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What should be considered with security levels?

A

Security needs should be identified & appropriate countermeasures taken
Balance between cost-effectiveness & usability & the need for secure environment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is middleware?

A

Monitors external requests sent asking for access to the database & database environment’s response to these requests

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What questions need to be considered for database users?

A

Who are they?
What do they need from the system?
What level of access are we going to give them?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

How should Database Security Design be considered?

A

Design in security from the start:
Design the Security Protocols
Design the Security Procedures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly