• Author / Uploaded
• Cachues Profile

Citation preview

DIGITAL SECURITY > DATABASE SECURITY

- Which of the following option signifies the importance of database security? ALL THE OPTIONS - _______ privileges allow a user to perform administrative operations in a database. ADMIN - ________ is an attack on a network or computer to make that computer or network unavailable to a legitimate user. DoS ATTACKS - Testing before deployment is not an essential step to ensure database security. FALSE - In information security, CIA stands for ________ CONFIDENTIALITY INTEGRITY AVAILABILITY

- DAM systems that are a hybrid between a true DAM system and a SIEM which relies on data generated by the database are called ___________ LOG-BASED DAM SYSTEMS - _______ provides means to monitor privileged users and application access independent of native database logging and audit functions. DATABASE ACTIVITY MONITORING (DAM) - “No unauthorized disclosure” is an objective of which aspect of database security? CONFIDENTIALITY - A high-level function that is responsible for the overall management of data resources in an organization DATA ADMINISTRATION - “No unauthorized modification” is an objective of which aspect of database security? INTEGRITY - The technical aspects of data are handled by ___ DATA ADMINISTRATOR - Which of the following options are principal classes of DoS attacks?

ALL THE APPLICATIONS - A method of creating a structurally similar but inauthentic version of an organization's data is most commonly known as: DATA MASKING - _______ mechanisms are used to protect data from indirect detections. CRYPTOGRAPHY - Databases that are not connected to the internet are safe from attacks. FALSE - ________ is exploited by influencing SQL statements that do not filter input from applications to a back-end database correctly. SQL INJECTION - __________ is achieved by distributing privileges for accomplishing a task to different people. PRINCIPLE OF LEAST PRIVILEGE - _______ mechanisms ensure that information contained in objects does not flow explicitly or implicitly into less protected objects. FLOW CONTROL - Which of the following option can be considered a target for SQL injection? EXCESSIVE PRIVILEGES - Cryptography ensures ____________________ CONFIDENTIALITY AND INTEGRITY - __________ identifies the database platforms within infrastructure and then examines their risk exposure. DATABASE RISK ASSESSMENT - Which of the following options are consequences of user privilege misuse? ALL THE OPTIONS - ______________ is used to enforce multilevel security by categorizing the data and users into various security classes. MANDATORY ACCESS CONTROL