title
Please take a moment to fill out this form. We will get back to you as soon as possible.
All fields marked with an asterisk (*) are mandatory.
Oracle Database 11g: Encryption & Advanced Data Security
Course Description
Overview
This Oracle Database 11g: Encryption & Advanced Data Security course is designed to provide students with and understanding of the available countermeasures against threats to data security. Students should consider how encryption technology should, and should not, be employed within an Oracle Database environment in response to known threats and risks. They will understand best security practices which pertain to application security, host system configuration and the database installation.Objectives
- Consider examples of common security threats and sensitive data which might exist within an organization.
- Review the essentials of a sound and secure database installation.
- Recognize known database security weaknesses and how these may be addressed.
- Acknowledge examples of specific attacks which could be launched against individual components within a data center or within the public networks.
- Review the theory and concepts which underlie symmetric and asymmetric encryption.
- Analyze the primary elements involved in asymmetric encryption, including private and public keys, the Public Key Infrastructure, certificates, Certificate Authorities and wallets.
- Discuss how symmetric or asymmetric encryption is applied to network traffic, database storage and external files.
- Examine the limits of encryption strategies and when encryption could be misapplied and counterproductive.
- Discuss the challenges and options available for encryption key storage.
- Apply Transparent Data Encryption (TDE) to tablespace, column, export file, RMAN backup set file and SecureFile LOB encryption.
- Utilize the Oracle Data Pump access driver to encrypt external tables.
- Configure Oracle Net Services to repel database attacks and implement advanced security using encrypted network communication.
- Implement an application-based encryption solution using the DBMS_CRYPTO() package.
- Consider the types of attacks which can be launched using SQL injection, and which countermeasures should be applied to repel these.
- Demonstrate knowledge of enhanced application security using the Virtual Private Database (VPD) facility.
Audience
- The primary target audiences for this course are: Database administrators, Web server administrators, System administrators, Implementation specialists, Data center support engineers, Security administrators and compliance auditors
Prerequisites
- ORACLE DATABASE 11G R2: SQL FUNDAMENTALS – COMPLETE LIBRARY
- (DBOR-917)
- ORACLE DATABASE 11G R2: PL/SQL FUNDAMENTALS – COMPLETE LIBRARY (DBOR-920)
- ORACLE DATABASE 11G R2: ADMINISTRATION I (DBOR-923)
Topics
- DATA security & potential threats
- DATABASE security checklist
- SECURING the database installation
- SECURE by default configuration
- ABOUT encryption
- ABOUT SSL
- CHALLENGES with asymmetric encryption
- WHAT is PKI?
- A certificate challenge scenario
- WHAT is a wallet?
- PUBLIC-key cryptography standards
- NETWORK encryption
- STORAGE encryption
- FILE encryption
- ENCRYPTION limitations
- ABOUT advanced technology
- ACCESS control
- PROTECTION against a malicious insider
- ENCRYPTION algorithms & potential weaknesses
- DATA encryption algorithm developments
- CHOOSING a data encryption algorithm
- MESSAGE integrity algorithms
- CHOOSING an integrity algorithm
- MANAGING encryption keys
- KEY storage strategies
- TRANSPARENT data encryption
- TDE encryption algorithms
- ABOUT column encryption
- MAC & the integrity algorithm
- IS TDE unbreakable?
- NETWORK security
- MANAGING TDE
- ENCRYPTION security module
- CHARGING the default encryption security mode
- USING hardware security modules
- WALLET open options
- CREATE wallet
- OPEN & closed wallet
- ADVANCED options
- RE-KEY master encryption key
- MIGRATE to HSM
- CHANGE encryption security module settings
- CHANGE encryption wallet password
- IMPLEMENTING tablespace encryption
- SQL create tablespace with encryption
- QUERYING the data dictionary
- CHANGING the encryption state
- IMPLEMENTING column encryption
- SPECIFYING column encryption
- ENCRYPTION algorithms
- USING the EM interface
- LIMITATIONS to column encryption
- PERFORMANCE considerations
- SECUREFILE LOBS
- APPLICATION encryption to LOBs
- EXAMINING securefile encryption using pl/sql
- EXAMINING securefile encryption using EM
- ETXTERNAL table encryption
- DATA pump encryption
- ENCRYPTION parameter
- ENCRYPTION_ALGORITHM parameter
- ENCRYPTION_MODE parameter
- ENCRYPTION_PASSWORD parameter
- ENCRYPTION scenario
- RMAN backup set encryption
- BACKUP encryption using EM
- BACKUP encryption using RMAN
- Decrypt during recovery
- ORACLE secure backup
- ORACLE net within the application architecture
- COMPONENTS within the oracle net
- COUNTERING database attacks
- LIMITING databse attacks
- PREVENTING denial¬-service-attacks
- WHAT is a denial-of service attack?
- PREVENTING attacks against the database
- AVOIDING disclosure of vulnerabilities
- HIDING the database banner
- ORACLE net services user notifications
- ORACLE net native encryption
- SECURE communications
- ENCRYPTION & integrity negotiations
- NEGOTIATION security
- IMPLEMENTATION with oracle net manager
- INTEGRITY rules
- ENCRYPTION rules
- IMPLEMENTATION with sqlnet.ora
- ADVANCED security settings
- ALGORITHMIC adaptations
- STREAM vs. block ciphers
- CIPHER block modification
- ELECTRONIC code book (ECB)
- CIPHER block chaining (CBC)
- CIPHER feedback (CFB)
- OUTPUT feedback mode (OFB)
- CIPHER block padding
- PKCS #5
- ABOUT DBMS_CRYPTO()
- WORKING with encryption data
- BASIC DBMS_CRYPTO() capabilities
- KEY generation
- ENCRYPTION & decryption
- SPECIFYING the encryption rules
- ALGORITHM specification
- BLOCK cipher chaining modifier specification
- BLOCK cipher padding modifier specification
- MESSAGE integrity capabilities
- HASH()
- MAC()
- A simple key management approach
- DATABASE storage
- APPLICATION logic storage
- UNDERSTANDING the threat
- HOW is the threat used?
- STATEMENT modification
- BYPASSING authentication
- STATEMENT insertion
- APPLYING countermeasures
- USE bind variables
- USE DMBS_ASSERT()
- UNDERSTANDING VPDS
- PREPARING for a VPD
- CONFIGURING a security administrator
- CONFIGURING the application scenario
- CONFIGURING A VPD
- DEFINE an application context
- DEFINE application context attributes
- ASSIGN attribute values
- DEFINE VPD policies
- MANAGING application contexts
- DROPPING an application context
- USING SYS_CONTEXT()
- MANAGING policies & security rules
- DROPPING a policy
- COLUMN-level policy
- CUSTOMIAZING policy attributes
- EXAMINING policy data
Related Courses
-
Oracle Database 11g R2 SQL Complete
DBOR-917- Duration: 5 Days
- Delivery Format: Classroom Training, Online Training
- Price: 3,500.00 USD
-
Oracle Database 11g R2 PL/SQL Complete
DBOR-920- Duration: 5 Days
- Delivery Format: Classroom Training, Online Training
- Price: 3,500.00 USD
Self-Paced Training Info
Learn at your own pace with anytime, anywhere training
- Same in-demand topics as instructor-led public and private classes.
- Standalone learning or supplemental reinforcement.
- e-Learning content varies by course and technology.
- View the Self-Paced version of this outline and what is included in the SPVC course.
- Learn more about e-Learning
Course Added To Shopping Cart
bla
bla
bla
bla
bla
bla
Self-Paced Training Terms & Conditions
Exam Terms & Conditions
Sorry, there are no classes that meet your criteria.
Please contact us to schedule a class.
STOP! Before You Leave
Save 0% on this course!
Take advantage of our online-only offer & save 0% on any course !
Promo Code skip0 will be applied to your registration
Purchase Information
title
Please take a moment to fill out this form. We will get back to you as soon as possible.
All fields marked with an asterisk (*) are mandatory.