Page 191 - DCAP508_DATABASE_ADMINISTRATION
P. 191

Unit 13: Monitoring Database Modifications




          Self Assessment                                                                       Notes

          Fill in the blanks:
          1.   ………………… must include monitoring of DBA activity, and solutions should prevent
               DBA manipulation or tampering with logs or recorded activity.

          2.   Most DAM tools is the ability to perform this auditing without relying on local
               …………………
          3.   ………………… are typically prompted by one of three drivers.

          4.   End-user accountability is often required for ………………… requirements such as the
               Sarbanes–Oxley Act.
          5.   ………………… is a type of attack used to exploit bad coding practices in applications that
               use relational databases.
          6.   If there is unencrypted network traffic, then ………………… can be used.
          7.   ………………… Is used in order to track the users and the applications that connect to the
               database.
          8.   ………………… involves monitoring  DBAs, root, system admins – which have access to
               access and alter data either via the application either by logging in at the system OS or
               local console.

          9.   The preventive security solutions and controls such as encryption and access management,
               are not effective for user access.
          10.  ………………… includes a complete set of predefined, customizable security and audit
               policies.

          13.7 Summary

               Database activity monitoring (DAM)/Database Firewall (DBF) monitors database activity
               to identify fraudulent, illegal or other undesirable behavior, by using  embedded
               knowledge about database structures and access to analytics and reporting and enforce
               policies and control. The DAM/DBF solutions operates independently of the database
               management system (DBMS) audit functionality of the database itself. The DAM/DBF can
               be regarded to either as an alternative to the DBMS functionality (due to heavy overload
               on the database servers), either as complementary control to it.

               DAM solutions contain also database vulnerability assessment and user account audit,
               coupled with firewall file access monitoring and web application monitoring.
               Auditing must include monitoring of DBA activity, and solutions should prevent DBA
               manipulation or tampering with logs or recorded activity.
               Most DAM tools is the ability to perform this auditing without relying on local database
               logging

               Deployments are typically prompted by one of three drivers.
               SQL injection is a type of attack used to exploit bad coding practices in applications that
               use relational databases.

               If there is unencrypted network traffic, then packet sniffing can be used.
               User activity monitoring in order to track the users and the applications that connect to the
               database.



                                           LOVELY PROFESSIONAL UNIVERSITY                                   185
   186   187   188   189   190   191   192   193   194   195   196