Database Security Threats Quiz

Questions and Answers

Which type of attack seeks to determine values of sensitive fields by seeking them directly with queries that yield few records?

• Tracker attack
• Inference attack
• Indirect attack
• Direct attack (correct)

What is the main purpose of database journaling in terms of security?

• Providing a record of changes for recovery purposes (correct)
• Protecting against unauthorized database access
• Ensuring data availability during disasters
• Encrypting sensitive data stored in the database

Why is focusing solely on database security not enough to ensure a secure database?

• Because database security enforcement is necessary (correct)
• Because databases are always prone to cyber-attacks
• Due to the influence of external factors on database security
• Due to the complexity of database structures

What is the purpose of controlling access in a multilevel database security system?

To control the flow of information within the database (D)

Which method involves an intruder obtaining information through authorized actions?

Inference attack (B)

What does DB backup contribute to database security?

Ensures data availability during disasters (B)

'To control the information flow' is a key objective of which database security problem?

Multilevel DB problem (D)

In what way does replication contribute to database security?

By creating multiple copies of the database for redundancy (C)

Why is outsourced database a significant concern in terms of security?

It increases the risk of unauthorized access to the database (D)

What is the primary purpose of DB encryption in terms of security methods?

To protect sensitive data stored in the database from unauthorized access (A)

What are the 5 security attacks mentioned in the text?

Interruption, Interception, Modification, Fabrication, Man-in-the-middle attack (MITM)

What is the main role of cryptographic techniques in database security?

To support many security mechanisms by detecting, preventing, or recovering from security attacks.

Define database security in terms of the measures, policies, and mechanisms it encompasses.

Database security is a set of measures to provide confidentiality, integrity, availability of data, and deter possible attacks from insiders and outsiders.

What is the scope of database security according to the text?

To protect the database against intentional or accidental threats, covering hardware, software, people, and data.

What is the primary purpose of authentication in database security?

To verify the identity of users and ensure that only authorized users access the database.

Explain the importance of access control in database security.

Access control limits who can view or modify data in the database, preventing unauthorized access.

What are security requirements in the context of database security?

Confidentiality, integrity, availability of data, and deterring possible attacks.

What is the purpose of security services in database security?

To detect, prevent, or recover from security attacks on the database.

Define the term 'man-in-the-middle attack' (MITM) in the context of security attacks.

An attack where an intruder intercepts communication between two parties to eavesdrop or manipulate the data.

How does database security contribute to deterring threats from both insiders and outsiders?

By implementing measures, policies, and mechanisms that ensure confidentiality, integrity, and availability of data.