Securança em Oracle Database 10g

SEC10g - Oracle Database 10g Security


Descrição:

In this course, the students learn how they can use Oracle database features to meet the security and compliance requirements of their organization. The current regulatory environment of the Sarbanes-Oxley Act, HIPPA, the UK Data Protection Act, and others requires better security at the database level. Students learn how to secure their database and how to use the database features that enhance security. The course provides suggested architectures for common problems. This course explains the security features of the database like auditing, column and file encryption, virtual private database, label security and enterprise user security. Some of the Oracle Network security topics like securing the listener and restricting connections by IP address are also covered.

Tópicos:
  • Security Requirements
    • Security requirements
    • Basic Requirements
    • Components for enforcing security
    • Define Least Privilege
    • Enforce Security Policies
    • Security in Depth(OS/database/network) Hardening each level

  • Security Solutions
    • Preventing Exploits (Industry standard practices)
    • Data Protection California Breach Law
    • Data Access Control HIPPA, UK Data Protection
    • Middle-Tier Authentication/Authorization
    • Consistent checklist
    • Network Wide Authentication

  • Internal Database Security
    • Installation and patching
    • Privileged accounts
    • Manage user accounts and privileges

  • Database Auditing
    • Auditing Users that have Access
    • Managing the Audit Trail
    • Privileged user auditing (10g NF for 8i DBAs)
    • DML and DDL auditing with triggers (Wayne Reeser brown bag) Include autonomous transaction
    • Auditing with SYSLOG
    • Audit Vault

  • Fine-Grained Auditing
    • Concepts
    • Implementation
    • Data dictionary views
    • XML Format FGA logs

  • Basic User Authentication
    • Basic authentication
    • Protecting Passwords
    • Restricting Remote Database Authentication
    • Database Links

  • Strong Authentication
    • Example of Strong Authentication
    • Oracle provided tools
    • Enable Strong Authentication
    • Authentication adapters to Kerberos, Radius, et al
    • Secure External Password Store
    • External Security Module

  • Enterprise User Security
    • Enterprise User Security (EUS)requirements
    • EUS architecture
    • EUS vs. version of database
    • Authenticating enterpriser users
    • Setup Enterprise User Security
    • Authorizing Enterprise users
    • Create Enterprise roles
    • Creating Enterpriser users using Migration Utility

  • Proxy Authentication
    • Security Challenges of Three-tier Computing
    • Oracle 10g Proxy Authentication Solutions
    • Proxy Authentication
    • Data Dictionary Views
    • Auditing Actions Taken on Behalf of the Real User
    • Auditing the Real User

  • Authorization Methods
    • Discretionary access control
    • Securing Objects
    • Secure Application Roles
    • Data Dictionary Views: APPLICATION_ROLES

  • Using Application Context
    • Tools: PL/SQL Packages
    • Implementing a Local Context
    • Accessing the Application Context Globally
    • Guidelines
    • Data Dictionary views: *_CONTEXT

  • Fine-Grained Access Control
    • How Fine-Grained Access Control Works
    • EXEMPT ACCESS POLICY
    • Partitioned Fine Grained Access Control
    • Static vs. Dynamic Policies for Performance
    • FGAC: Creating a Virtual Private Database Policy: Tools
    • Implementation
    • Data Dictionary Views: *_POLICIES

  • Installing Label Security
    • Label Security: Overview
    • Access Control
    • VPD vs. Label Security
    • How Sensitivity Labels Are Used
    • Access Mediation
    • Installing Label Security
    • Configuring Label Security
    • Installing Policy Manager

  • Implementing Label Security
    • Implement Label Security
    • Analyze the Needs
    • Create policies
    • Create compartments
    • Setting user authorizations
    • Administering labels with Policy Manager
    • Add Labels to Data
    • Policy Special Privileges

  • Encrypting Data: Concepts
    • Principles of Data Encryption
    • Data Encryption Challenges
    • Solutions

  • Use Application Based Encryption
    • DBMS_CRYPTO Package (New)
    • Encrypt
    • Decrypt
    • Using MD5, SHA
    • Guidelines

  • Use Transparent Data Encryption
    • Transparent Data Encryption
    • Benefits of TDE
    • Using the External security Module
    • Using TDE
    • Export and Import with TDE
    • TDE Restrictions

  • Use File Encryption
    • RMAN Encrypted Backups
    • Encrypted Export Files
    • Oracle Secure Backup

  • Oracle Net Services Security Checklist
    • Overview of Net Services
    • Overview of firewalls
    • Network Security Checklist
    • Authenticate the Client

  • Securing the Listener
    • Restrict Network IP addresses
    • Limit Resource Usage by Unauthorized Connections
    • Restrict the Privileges of the Listener
    • Prevent unauthorized administration of the Oracle Listener
    • Prevent on-line administration
    • Secure External Procedures
    • Set listener log and trace file
    • Restrict CREATE LIBRARY privileges

  • Using Connection Manager as a Firewall
    • Oracle Connection Manager Overview
    • Oracle Connection Manager Architecture and processes
    • Starting and stopping Connection Manager
    • Access Control with Connection Manager
    • Monitor Connection Events Using the CMAN Log File
    • Prevent remote administration of the Oracle Connection Manager

  • Securing SQL*Plus and iSQL*Plus
    • SQL*Plus
    • iSQL*plus


Duração: 3 dias

Red Hat
Oracle
SAP
Furukawa
Prometric

Contato

End:    

Av. Protásio Alves, 2561 conj. 603
Petrópolis - Porto Alegre/RS

Fone:

+55 51 3392-2809


© 2011 Todos os direitos reservados

Depoimentos

Confira no link abaixo, depoimentos de parceiros, fornecedores e alunos que participaram de treinamentos conosco.
Através do nosso formulário de contato, você pode enviar o seu depoimento, sugestão ou crítica para a Fontoura Education.

[clique aqui para ver os depoimentos]

Links