Podcast
Questions and Answers
Database security encompasses only the protection of the data held in a database
Database security encompasses only the protection of the data held in a database
False
Breaches of security may affect only the data held in a database
Breaches of security may affect only the data held in a database
False
Theft and fraud can alter data in a database
Theft and fraud can alter data in a database
False
Database security should focus on reducing the opportunities for theft and fraud
Database security should focus on reducing the opportunities for theft and fraud
Signup and view all the answers
Loss of availability means data or the system cannot be accessed, severely impacting an organization's financial performance.
Loss of availability means data or the system cannot be accessed, severely impacting an organization's financial performance.
Signup and view all the answers
Countermeasures to threats on computer systems range from physical controls to administrative procedures.
Countermeasures to threats on computer systems range from physical controls to administrative procedures.
Signup and view all the answers
The security of a DBMS is closely associated with the security of the operating system.
The security of a DBMS is closely associated with the security of the operating system.
Signup and view all the answers
Mandatory Access Control (MAC) is based on system-wide policies that cannot be changed by individual users and involves security class assignments and clearance for users.
Mandatory Access Control (MAC) is based on system-wide policies that cannot be changed by individual users and involves security class assignments and clearance for users.
Signup and view all the answers
Setting a password for the database is available through the Encrypt with Password option in the File/Info section
Setting a password for the database is available through the Encrypt with Password option in the File/Info section
Signup and view all the answers
Roles in Oracle can be granted to users or a group of privileges can be granted to a role, which is then assigned to users
Roles in Oracle can be granted to users or a group of privileges can be granted to a role, which is then assigned to users
Signup and view all the answers
Internet communication relies on TCP/IP, which was not designed with security in mind
Internet communication relies on TCP/IP, which was not designed with security in mind
Signup and view all the answers
Proxy servers in a Web environment intercept requests to determine if they can fulfill them and have two main purposes: improving performance and filtering requests
Proxy servers in a Web environment intercept requests to determine if they can fulfill them and have two main purposes: improving performance and filtering requests
Signup and view all the answers
True or false: The Bell-LaPadula model imposes three restrictions on reading and writing database objects: Simple Security Property, *-Property, and Discretionary Access Control?
True or false: The Bell-LaPadula model imposes three restrictions on reading and writing database objects: Simple Security Property, *-Property, and Discretionary Access Control?
Signup and view all the answers
True or false: Journaling is the process of maintaining a log file of all changes made to the database, enabling effective recovery in case of failure?
True or false: Journaling is the process of maintaining a log file of all changes made to the database, enabling effective recovery in case of failure?
Signup and view all the answers
True or false: The Data Encryption Standard (DES) uses a 64-bit key to transform each 56-bit block of plaintext?
True or false: The Data Encryption Standard (DES) uses a 64-bit key to transform each 56-bit block of plaintext?
Signup and view all the answers
True or false: Most working systems are based on user keys longer than the message, as longer keys are considered more secure?
True or false: Most working systems are based on user keys longer than the message, as longer keys are considered more secure?
Signup and view all the answers
PGP (Pretty Good Privacy) uses a 128-bit symmetric algorithm for bulk encryption, which is currently considered unbreakable by existing technologies and knowledge.
PGP (Pretty Good Privacy) uses a 128-bit symmetric algorithm for bulk encryption, which is currently considered unbreakable by existing technologies and knowledge.
Signup and view all the answers
Keys with 64 bits are likely breakable by major governments with special hardware, with 80-bit keys potentially becoming breakable in the future.
Keys with 64 bits are likely breakable by major governments with special hardware, with 80-bit keys potentially becoming breakable in the future.
Signup and view all the answers
RAID levels include RAID 0, RAID 1, RAID 0+1, RAID 2, RAID 3, RAID 4, RAID 5, and RAID 6, each with different redundancy and performance characteristics.
RAID levels include RAID 0, RAID 1, RAID 0+1, RAID 2, RAID 3, RAID 4, RAID 5, and RAID 6, each with different redundancy and performance characteristics.
Signup and view all the answers
Microsoft Office Access 2010 does not support SQL GRANT and REVOKE statements for access control, instead providing methods like splitting the database, setting a password, enabling disabled content, and packaging, signing, and deploying the database.
Microsoft Office Access 2010 does not support SQL GRANT and REVOKE statements for access control, instead providing methods like splitting the database, setting a password, enabling disabled content, and packaging, signing, and deploying the database.
Signup and view all the answers
Study Notes
Data Security and Administration in Database Management Systems
- PGP (Pretty Good Privacy) uses a 128-bit symmetric algorithm for bulk encryption, which is currently considered unbreakable by existing technologies and knowledge.
- Keys with 64 bits are likely breakable by major governments with special hardware, with 80-bit keys potentially becoming breakable in the future.
- Asymmetric encryption, such as the public key cryptosystems, uses different keys for encryption and decryption, with the most well-known being RSA.
- The hardware running the DBMS should be fault-tolerant, with RAID (Redundant Array of Independent Disks) technology providing redundancy and improved reliability.
- RAID levels include RAID 0, RAID 1, RAID 0+1, RAID 2, RAID 3, RAID 4, RAID 5, and RAID 6, each with different redundancy and performance characteristics.
- Microsoft Office Access 2010 does not support SQL GRANT and REVOKE statements for access control, instead providing methods like splitting the database, setting a password, enabling disabled content, and packaging, signing, and deploying the database.
- Splitting the database, separating database tables from application objects, is the most secure way to protect data and can be done using the Database Splitter Wizard in Office Access 2010.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Related Documents
Description
Test your understanding of the security model for assigning security classes to database objects and subjects. Learn about the ordering of security classes and how clearances are assigned to subjects in the system.
