Who should attend
- Database administrators
- Network administrators
- System analysts
Prerequisites
Required Prerequisites:
- Good knowledge of Oracle Database
- !Oracle Database 12c R2: Administration Workshop (D78846)
Suggested Prerequisites:
- Perform RMAN backup and recovery
- Use Oracle Data Pump export and import
- Create and manage users, roles, and privileges
- Administer listeners
Course Objectives
- Analyze any security risks of their organization
- Find appropriate Oracle solutions to meet the security, privacy and compliance requirements of their organization
- Find solutions to secure database access through the network
- Configure appropriate authentication for the database or enterprise users in the organization
- Control data access and integrity in their organization using the appropriate feature or option or product like privileges or Oracle Label Security
- Ensure data confidentiality using an encryption solution like Transparent Data Encryption, or Data Redaction or Oracle Data Masking
- Audit user actions using any of the auditing features like unified auditing
Course Content
Introduction
- Course Objectives
- Course Schedule and Appendices
Understanding Security Requirements
- Fundamental Data Security Requirements
- Security Risks
- Exploits
- Techniques to Enforce Security
Choosing Security Solutions
- Network Access Control
- Database Access Control
- Data Access Control
- Data Confidentiality
- Data Integrity
- Audit
- Compliance
Implementing Basic Database Security
- Database Security Checklist
- Reducing Administrative Effort
- Principle of Least Privilege
- Objects Protection
Securing Data on the Network
- Network Access Control
- Listener Security
- Listener Usage Control
Using Basic and Strong User Authentication
- Basic Authentication
- Strong Authentication
- Database Link Passwords Protection
Configuring Global User Authentication
- About Enterprise User Management (EUS)
- EUS and Oracle Internet Directory Integration
Using Proxy Authentication
- Security Challenges of Three-Tier Computing
- Proxy Authentication Solutions
Using Privileges and Roles
- Separation of Duties
- Roles Management
- Managing Security for Definer's Rights and Invoker's Rights
- Managing RMAN Virtual Private Catalogs
Using Privilege Analysis
- Privilege Analysis Flow
- Privilege Analysis Implementation
Using Application Contexts
- Description of Application Context
- Application Context Implementation
Implementing Virtual Private Database
- Fine-Grained Access Control and VPD
- FGAC Policies Management
- VPD Policies Management
Implementing Oracle Label Security
- Access Control Overview
- Oracle Label Security Registration
- Oracle Label Security Policies Management
Redacting Data
- Redacting Data
- Masking Policies Implementation
Using Oracle Data Masking
- Overview
- Data Masking Definition Implementation
- Data Masking Process
Using Transparent Sensitive Data Protection
- TDPS Implementation
Encryption Concepts and Solutions
- Concepts
- Solutions
- Oracle Solutions
Encrypting with DBMS_CRYPTO Package
- Usage
Using Transparent Data Encryption
- Overview
- The Master Keys and the Keystore
- Hardware Keystore
- Encryption
Database Storage Security
- RMAN and OSB Backups
- RMAN Encryption Modes
- Data Pump Export and Import of Encrypted Data
Using Unified Audit
- Auditing Overview
- Unified Audit Management
- Specific Audit Situations
Using Fine-Grained Audit
- Comparison with Unified Auditing
- Overview
- FGA Implementation