New Learning | Premium Moodle Theme

Oracle Database 11g: Security (Ed 2) Boot Camp

Description

In this 5-day course, you'll learn how to use Oracle Database features to meet the security, privacy and compliance requirements of their organization. The current regulatory environment of the Sarbanes-Oxley Act, HIPAA, the UK Data Protection Act and others requires better security at the database level.

Learn To:

  • Implement Oracle Database security features to ensure the data is secure
  • Implement Oracle Database security features to ensure compliance with regulations Security Features

This course discusses the following security features of the database: auditing, encryption for Payment Card Industry Data Security Standard (PCI DSS ) including encryption at the column, tablespace and file levels, Virtual Private Database, Oracle Label Security and Enterprise User Security. Some of the Oracle Network security topics included are: securing the listener and restricting connections by IP address.

Prerequisites

Suggested Prerequisites

  • Oracle Database 11g: Administration Workshop I
  • Oracle Database 11g: Administration Workshop I Release 2
  • Oracle Database 11g: Administration Workshop II Release 2 
  • Oracle Database 11g: Administration Workshop II 

Curriculum

Module 1: Introduction to Database Security

  • Fundamental Data Security Requirements
  • Data Security Concerns
  • Compliance Mandates
  • Security Risks
  • Developing Your Security Policy
  • Defining a Security Policy
  • Implementing a Security Policy
  • Techniques to Enforce Security

 

Module 2: Choosing Security Solutions

  • Maintaining Data Integrity
  • Protecting Data
  • Controlling Data Access
  • Oracle Database Vault Overview
  • Oracle Audit Vault Overview
  • Combining Optional Security Features
  • Compliance Scanner
  • Enterprise Manager Database Control: Policy Trend

 

Module 3: Basic Database Security

  • Database Security Checklist
  • Reducing Administrative Effort
  • Applying Security Patches
  • Default Security Settings
  • Secure Password Support
  • Enforcing Password Management
  • Protecting the Data Dictionary
  • System and Object Privileges

 

Module 4: Auditing Database Users, Privileges, and Objects

  • Monitoring for Suspicious Activity
  • Standard Database Auditing
  • Setting the AUDIT_TRAIL
  • Specifying Audit Options
  • Viewing Auditing Options
  • Auditing the SYSDBA Users
  • Audit to XML Files
  • Value-Based Auditing

 

Module 5: Auditing DML Statements

  • Fine-Grained Auditing (FGA)
  • Using the DBMS_FGA Package
  • FGA Policy
  • Triggering Audit Events
  • Data Dictionary Views
  • DBA_FGA_AUDIT_TRAIL
  • Enabling and Disabling an FGA Policy
  • Maintaining the Audit Trail

 

Module 6: Using Basic User Authentication

  • User Authentication
  • Protecting Passwords
  • Creating Fixed Database Links
  • Encrypting Database Link Passwords
  • Using Database Links without Credentials
  • Using Database Links and Changing Passwords
  • Auditing with Database Links
  • Restricting a Database Link with Views

 

Module 7: Using Strong Authentication

  • Strong Authentication
  • Single Sign-On
  • Public Key Infrastructure (PKI) Tools
  • Configuring SSL on the Server Certificates
  • Using the orapki Utility
  • Using Kerberos for Authentication
  • Configuring the Wallet

 

Module 8: Using Enterprise User Security

  • Enterprise User Security
  • Oracle Identity Management Infrastructure: Default Deployment
  • Oracle Database: Enterprise User Security Architecture
  • Oracle Internet Directory Structure Overview
  • Installing Oracle Application Server Infrastructure
  • Managing Enterprise User Security
  • Creating a Schema Mapping Object in the Directory
  • Creating a Schema Mapping Object in the Directory

 

Module 9: Using Proxy Authentication

  • Security Challenges of Three-Tier Computing
  • Common Implementations of Authentication
  • Restricting the Privileges of the Middle Tier
  • Authenticating Database and Enterprise Users
  • Using Proxy authentication for Database Users
  • Proxy Access Through SQL*Plus
  • Revoking Proxy Authentication
  • Data Dictionary Views for Proxy Authentication

 

Module 10: Using Privileges and Roles

  • Authorization
  • Privileges
  • Benefits of Roles
  • CONNECT Role Privileges
  • Using Proxy Authentication with Roles
  • Creating an Enterprise Role
  • Securing Objects with Procedures
  • Securing the Application Roles

 

Module 11: Access Control

  • Description of Application Context
  • Using the Application Context
  • Setting the Application Context
  • Application Context Data Sources
  • Using the SYS_CONTEXT PL/SQL Function
  • PL/SQL Packages and Procedures
  • Implementing the Application Context Accessed Globally
  • Data Dictionary Views

 

Module 12: Implementing Virtual Private Database

  • Understanding Fine-Grained Access Control
  • Virtual Private Database (VPD)
  • How Fine-Grained Access Control Works
  • Using DBMS_RLS
  • Exceptions to Fine-Grained Access Control Policies
  • Implementing a VPD Policy
  • Implementing Policy Groups
  • VPD Best Practices

 

Module 13: Oracle Label Security Concepts

  • Access Control: Overview
  • Discretionary Access Control
  • Oracle Label Security
  • How Sensitivity Labels are Used
  • Installing Oracle Label Security
  • Oracle Label Security Features
  • Comparing Oracle Label Security and VPD
  • Analyzing Application Needs

 

Module 14: Implementing Oracle Label Security

  • Implementing the Oracle Label Security Policy
  • Creating Policies
  • Defining Labels Overview
  • Defining Compartments
  • Identifying Data Labels
  • Access Mediation
  • Adding Labels to Data
  • Assigning User Authorization Labels

 

Module 15: Using the Data Masking Pack

  • Understanding Data Masking
  • Data Masking Pack Features
  • Identifying Sensitive Data for Masking
  • Types of Built-in Masking Primitives and Routines
  • Data Masking of the EMPLOYEES Table
  • Implementing a Post-Processing Function
  • Viewing the Data Masking Impact Report
  • Creating an Application Masking Template by Exporting Data Masking Definitions

 

Module 16: Encryption Concepts

  • Understanding Encryption
  • Problems that Encryption Solves
  • Encryption is not Access Control
  • What to Encrypt
  • Data Encryption Challenges
  • Storing the Key in the Database
  • Letting the User Manage the Key
  • Storing the Key in the Operating System

 

Module 17: Using Application-Based Encryption

  • DBMS_CRYPTO Package Overview
  • Using the DBMS_CRYPTO Package
  • Generating Keys Using RANDOMBYTES
  • Using ENCRYPT and DESCRYPT
  • Enhanced Security Using the Cipher Block Modes
  • Hash and Message Authentication Code

 

Module 18: Applying Transparent Data Encryption

  • Transparent Data Encryption (TDE)
  • Creating the Master Key
  • Opening the Wallet
  • Using Auto Login Wallet
  • Resetting (Rekeying the Unified Master Encryption Key **11.2**
  • Using Hardware Security Modules
  • TDE Column Encryption Support
  • Creating an Encrypted Tablespace

 

Module 19: Applying File Encryption

  • RMAN Encrypted Backups
  • Oracle Secure Backup Encryption
  • Creating RMAN Encrypted Backups
  • Data Pump Encryption
  • Using Dual Mode Encryption
  • Encrypting Dump Files

 

Module 20: Oracle Net Services: Security Checklists

  • Overview of Security Checklists
  • Securing the Client Computer
  • Configuring the Browser
  • Network Security Checklist
  • Using a Firewall to Restrict Network Access
  • Restricting Network IP Addresses: Guidelines
  • Configuring IP Restrictions with Oracle Net Manager
  • Configuring Network Encryption

 

Module 21: Securing the Listener

  • Listener Security Checklist
  • Restricting the Privileges of the Listener
  • Moving the Listener to a Nondefault Port
  • Preventing Online Administration of the Listener
  • Using the INBOUND_CONNECT_TIMEOUT Parameter
  • Analyzing Listener Using TCP/IP with SSL
  • Setting Listener Logging Parameters

What's included?
 

  • Authorized Courseware
  • Intensive Hands on Skills Development with an Experienced Subject Matter Expert
  • Hands on practice on real Servers and extended lab support 1.800.482.3172
  • Examination Vouchers  & Onsite Certification Testing- (excluding 1-day Adobe, 1-day MS Office and PMP Boot Camps) 
  • Academy Code of Honor: Test Pass Guarantee
  • Optional: Package for Hotel Accommodations, Lunch and Transportation

Training Formats

With several convenient training delivery methods offered, The Academy makes getting the training you need easy. Whether you prefer to learn in a classroom or an online live learning virtual environment, training videos hosted online, and private group classes hosted at your site. We offer expert instruction to individuals, government agencies, non-profits, and corporations. Our live classes, on-sites, and online training videos all feature certified instructors who teach a detailed curriculum and share their expertise and insights with trainees. No matter how you prefer to receive the training, you can count on The Academy for an engaging and effective learning experience.

Methods

Instructor Led (the best training format we offer)
Live Online Classroom – Online Instructor Led
Self-Paced Video

Speak to an Admissions Representative for complete details

By far the most competitve price we found, which included exam vouchers, hands on labs, practice test and a true Master of Cyber Security concepts as our Instructor. Franklin Mesa was the best trainer I have ever had and i walked out certified on the last day of my CompTIA Security+ certification bootcamp. 

Marc Alfonso - CompTIA Security + Student

 

The Academy is one of the best educational values for today's job market.  I studied hard and got certified (A+ and N+).  Even though I had no prior IT experience, I now have a good job replacing obsolete computers in hospitals throughout the country.  At my job interview, I just slid my test scores and certification across the table to the interviewer, who is now my boss.  I was hired the next day.  

Not bad for a 65 year old.

John Arnett- Student 

"I congratulate The Academy for a great facility and good lab computers. The Academy is great and I will definitely be taking more courses and utilizing the services available. Omer Palo is an excellent instructor that truly knows his material. I never felt bored in his class which is a first for me. Thank You."

IT Director, Burger King Corporation

"The instructor Frank Martinez is excellent – he covered so much material in 2 weeks that was unbelievable! He definitely knows what he does and it shows in the way that he conducts each lecture. He is the greatest!"
"Thanks Academy for allowing me to experience the MCSA / MCSE + Security Boot camp."

IT Professional, Florida International University

 

Schedules

Contact Us


THE ACADEMY

1.800.482.3172

FTL: 954.351.7040

MIA: 305.648.2000


Request More Information

 

Current Promotions!

 

  _____________________________________

 

 

 

Email Newsletter icon, E-mail Newsletter icon, Email List icon, E-mail List icon Sign up for our Email Newsletter!

          

 

Students - Orbund Log-In