WK4 SQL filtering versus Linux filtering Flashcards

1
Q

Accessing SQL

A

There are many interfaces for accessing SQL and many different versions of SQL. One way to access SQL is through the Linux command line.

To access SQL from Linux, you need to type in a command for the version of SQL that you want to use. For example, if you want to access SQLite, you can enter the command sqlite3 in the command line.

After this, any commands typed in the command line will be directed to SQL instead of Linux commands.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Differences between Linux and SQL filtering

A

Although both Linux and SQL allow you to filter through data, there are some differences that affect which one you should choose.

  1. Structure
  2. Joining tables
  3. Best uses
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Differences between Linux and SQL filtering

  1. Structure
A

SQL offers a lot more structure than Linux, which is more free-form and not as tidy.

For example, if you wanted to access a log of employee log-in attempts, SQL would have each record separated into columns. Linux would print the data as a line of text without this organization. As a result, selecting a specific column to analyze would be easier and more efficient in SQL.

In terms of structure, SQL provides results that are more easily readable and that can be adjusted more quickly than when using Linux.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Differences between Linux and SQL filtering

  1. Joining tables
A

Some security-related decisions require information from different tables. SQL allows the analyst to join multiple tables together when returning data. Linux doesn’t have that same functionality; it doesn’t allow data to be connected to other information on your computer. This is more restrictive for an analyst going through security logs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Differences between Linux and SQL filtering

  1. Best uses
A

As a security analyst, it’s important to understand when you can use which tool. Although SQL has a more organized structure and allows you to join tables, this doesn’t mean that there aren’t situations that would require you to filter data in Linux.

A lot of data used in cybersecurity will be stored in a database format that works with SQL. However, other logs might be in a format that is not compatible with SQL. For instance, if the data is stored in a text file, you cannot search through it with SQL. In those cases, it is useful to know how to filter in Linux.

To work with SQL, you can access it from multiple different interfaces, such as the Linux command line. Both SQL and Linux allow you to filter for specific data, but SQL offers the advantages of structuring the data and allowing you to join data from multiple tables.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly