P1L7 Flashcards

1
Q

importance of database security

A
  • database stores sensitive data
  • its structure influences how it’s accessed
  • writen in language like SQL
  • transactional nature (action done or not)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

database main threat is from hacker or insider?

A

insider

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

database relations or tables is defined by

A

schema

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

database relations or tables consists of

A

tuples

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

what’s a key

A

value that uniquely define a tuple or a row

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

SQL operations on relations

A

select, insert, update, join, and delete

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

database access control

A

GRANT and REVOKE

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

GRANT syntax

A

GRANT {privilege} [ON TABLE] TO {user} [password] [WITH GRANT OPTION]

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

REVOKE syntax

A

REVOKE {privilege} [ON TABLE] FROM {user}

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

SQL privilege

A

SELECT, INSERT, UPDATE, DELETE

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

SQL injection can impact

A

confidentiality (extract data) and integrity (corrupt data)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Can sql injection be craft by using web application vulnerability?

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

inference attack

A

certain aggregate/stat queries can be allowed by all user, and hacker abuse that

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

defense against attacks

A
  • do not allow aggregate

- transform data by de-identification or anonymization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly