Oracle Database Security Administration Training
Duration: 3 Days
Learn the security features built into the Oracle database in this hands-on class. This includes Standard Edition facilities, also facilities available only with Enterprise Edition licences and with EE options. Most of the activities require use of command line utilities. As with all SkillBuilders courses, this class (if conducted at your company facilities) is highly customizable to your specific training requirements. The content does not include detail of the Data Vault, or the Audit Vault and Database Firewall option. The current release of the database is used for exercises and demonstrations, and the content back-ported as necessary for previous releases.
Oracle Certified Master John Watson
- Standards and risks: assessing the need
- Developing a security policy
- Multi-layered security: defence in depth
- Selecting a security solution
- What is SQL injection?
- How can injections be made?
- How can attempted injections be blocked?
- Authentication delegated to the operating system
- Administrative user authentication
- Use of a password file
- Data dictionary password authentication
- Proxy authentication
- Using the external secure password store
- Authentication by external services
- Direct system and object privileges
- Grouping privileges into roles
- Enabling and disabling roles
- Secure application roles
- Assigning roles through OS authentication
- The PL/SQL privilege model: definers and invokers rights code
- Code based access control
- Privilege inheritance and controlling privilege escalation
- Privilege usage analysis
- Public and private database links
- Authentication options for links
- Security risks and auditing of links
- Local and global application contexts
- Using contexts for fine grained access control
- Row level security
- VPD performance issues
- Access to the server file system with PL/SQL
- Use of directories
- Access to network facilities with PL/SQL
- Use of Scheduler external jobs
- External procedure
- Programmatic data encryption
- Transparent column encryption
- Transparent tablespace encryption
- Key management
- Encryption in the redo stream
- Encrypted backups
- Encrypting in export dumps
- The Data Masking Pack
- Data redaction
- Transparent Sensitive Data Protection
- Encrypting network traffic
- Access control with Oracle Net
- Access control with the Connection Manager
- Traditional audit: users, privileges, and objects
- Fine Grained Auditing
- Auditing SYS activity
- Auditing with triggers
- Unified audit