Database Security Model Quiz

Questions and Answers

How can the backend database be protected?

By restricting access based on IP address

By assigning a password and specifying its location (correct)

By encrypting it with a digital certificate

By using a firewall to block all incoming traffic

Where is the option to set a password for the database available?

In the File/Info section under Encrypt with Password option (correct)

In the Database Settings menu under Security

In the Tools tab under Database Options

In the Advanced Settings window under Data Protection

What can Trust Center be used for in a database?

To schedule automatic backups

To encrypt the entire database

To trust (enable) disabled content and set security options (correct)

To create user roles and permissions

What does the Package-and-Sign feature in Access do?

Places the database in an Access Deployment (.accdc) file and signs the package

What types of security does Oracle provide?

System security (user name and password mechanism) and data security (privileges)

What are Oracle privileges?

System privileges (action on any schema objects) and object privileges (action on specific objects)

What can roles in Oracle be granted to?

Users or a group of privileges can be granted to a role, which is then assigned to users

What does internet communication rely on?

TCP/IP, which was not designed with security in mind

What are key aspects of securing information transmission over the Internet?

Privacy, integrity, authenticity, and nonrepudiation

What are the main purposes of proxy servers in a Web environment?

Improving performance and filtering requests

Match the database security feature with its description:

Encrypt with Password option = Setting a password for the database Trust Center = Trusting disabled content and setting security options for Office Access 2010 databases Package-and-Sign feature = Placing the database in an Access Deployment (.accdc) file and signing the package Oracle system security = Providing user name and password mechanism

Match the aspects of securing information transmission over the Internet with their descriptions:

Privacy = Ensuring that information is not accessed by unauthorized parties Integrity = Ensuring that information is not altered during transmission Authenticity = Verifying the identity of the sender and receiver of information Nonrepudiation = Ensuring that the sender cannot deny sending the information

Match the Oracle privileges with their descriptions:

System privileges = Allowing action on any schema objects Object privileges = Allowing action on specific objects Roles in Oracle = Can be granted to users or a group of privileges can be granted to a role, which is then assigned to users Oracle proxy servers = Intercepting requests to determine if they can fulfill them and have two main purposes: improving performance and filtering requests

Match the Internet communication aspect with its description:

TCP/IP = Was not designed with security in mind Proxy servers in a Web environment = Intercepting requests to determine if they can fulfill them and have two main purposes: improving performance and filtering requests Trust Center = Trusting disabled content and setting security options for Office Access 2010 databases Package-and-Sign feature = Placing the database in an Access Deployment (.accdc) file and signing the package

Match the Oracle data security feature with its description:

System security (user name and password mechanism) = Providing user name and password mechanism Oracle privileges = Include system privileges (action on any schema objects) and object privileges (action on specific objects) Roles in Oracle = Can be granted to users or a group of privileges can be granted to a role, which is then assigned to users Internet communication = Relies on TCP/IP, which was not designed with security in mind

Setting a password for the database is available through the Encrypt with Password option in the File/Info section

True

Trust Center can be used to trust (enable) the disabled content in a database and set security options for Office Access 2010 databases

True

Oracle provides system security (user name and password mechanism) and data security (privileges)

True

Roles in Oracle can be granted to users or a group of privileges can be granted to a role, which is then assigned to users

True

Internet communication relies on TCP/IP, which was not designed with security in mind

True

Privacy, integrity, authenticity, and nonrepudiation are key aspects of securing information transmission over the Internet

True

Proxy servers in a Web environment intercept requests to determine if they can fulfill them and have two main purposes: improving performance and filtering requests

True

Backend database can be protected by assigning a password and specifying its location

True

Package-and-Sign feature in Access places the database in an Access Deployment (.accdc) file and signs the package

True

Oracle privileges include system privileges (action on any schema objects) and object privileges (action on specific objects)

True

Study Notes

Database Security and Administration

• Backend database can be protected by assigning a password and specifying its location
• Setting a password for the database is available through the Encrypt with Password option in the File/Info section
• Trust Center can be used to trust (enable) the disabled content in a database and set security options for Office Access 2010 databases
• Package-and-Sign feature in Access places the database in an Access Deployment (.accdc) file and signs the package
• Oracle provides system security (user name and password mechanism) and data security (privileges)
• Oracle privileges include system privileges (action on any schema objects) and object privileges (action on specific objects)
• Roles in Oracle can be granted to users or a group of privileges can be granted to a role, which is then assigned to users
• Internet communication relies on TCP/IP, which was not designed with security in mind
• Privacy, integrity, authenticity, and nonrepudiation are key aspects of securing information transmission over the Internet
• Proxy servers in a Web environment intercept requests to determine if they can fulfill them and have two main purposes: improving performance and filtering requests

Database Security and Administration

• Backend database can be protected by assigning a password and specifying its location
• Setting a password for the database is available through the Encrypt with Password option in the File/Info section
• Trust Center can be used to trust (enable) the disabled content in a database and set security options for Office Access 2010 databases
• Package-and-Sign feature in Access places the database in an Access Deployment (.accdc) file and signs the package
• Oracle provides system security (user name and password mechanism) and data security (privileges)
• Oracle privileges include system privileges (action on any schema objects) and object privileges (action on specific objects)
• Roles in Oracle can be granted to users or a group of privileges can be granted to a role, which is then assigned to users
• Internet communication relies on TCP/IP, which was not designed with security in mind
• Privacy, integrity, authenticity, and nonrepudiation are key aspects of securing information transmission over the Internet
• Proxy servers in a Web environment intercept requests to determine if they can fulfill them and have two main purposes: improving performance and filtering requests

Database Security and Administration

• Backend database can be protected by assigning a password and specifying its location
• Setting a password for the database is available through the Encrypt with Password option in the File/Info section
• Trust Center can be used to trust (enable) the disabled content in a database and set security options for Office Access 2010 databases
• Package-and-Sign feature in Access places the database in an Access Deployment (.accdc) file and signs the package
• Oracle provides system security (user name and password mechanism) and data security (privileges)
• Oracle privileges include system privileges (action on any schema objects) and object privileges (action on specific objects)
• Roles in Oracle can be granted to users or a group of privileges can be granted to a role, which is then assigned to users
• Internet communication relies on TCP/IP, which was not designed with security in mind
• Privacy, integrity, authenticity, and nonrepudiation are key aspects of securing information transmission over the Internet
• Proxy servers in a Web environment intercept requests to determine if they can fulfill them and have two main purposes: improving performance and filtering requests

Description

Test your knowledge of database security models, including the assignment of security classes to database objects and subjects, as well as the ordering of security classes. Explore the concepts of top secret, secret, confidential, and unclassified data.