The current regulatory environment of the Sarbanes-Oxley Act, HIPAA, the UK Data Protection Act, and others, requires better security at the database level. Students learn how to secure the access to their databases and how to use the Oracle Database Security products and technologies that enhance data access and confidentiality. The course provides suggested Oracle solutions for common problems.
• Choose Oracle Database Security products and technologies to meet security requirements.
• Secure the database access by database or enterprise users with basic or strong authentication such as SSL, Kerberos and Radius.
• Protect against database bypass by using Transparent Database Encryption.
• Use Oracle Wallets and Oracle Key Vault to manage encryption keys.
• Discover sensitive columns such as Credit Card Numbers by using Application Data Modeling.
• Minimize sensitive data proliferation to test/dev environments by using Data Masking.
• Minimize storage costs in test/dev environments by using Data Subsetting.
• Reduce sensitive data exposure in applications by using Data Redaction.
• Understand and use Oracle Database Vault.
Benefits To You
This course discusses the following security features of the database: authentication, data access control including user authorizations by using privileges and roles, data confidentiality including Data Redaction, Oracle Data Masking and Subsetting, Transparent Sensitive Data Protection, encryption at the column, tablespace and file levels by using Transparent Data Encryption. This course discusses the use of the Oracle Key Vault to centrally manage keys across the enterprise. Oracle Database Vault is used to enforce Separation of Duties at the DBA level.
Hands-on practices and available demonstrations help students learn how to use most of the features of Oracle Database 12c to secure their data center, by using Oracle Enterprise Manager Cloud Control or other simple tools such as SQL*Plus.
• Course Schedule and Appendices
• Course Objectives
• Related courses and where this fits
Using Basic and Strong User Authentication
• Database Link Passwords Protection
• Strong Authentication
• Security of Roles
• Basic Authentication
Configuring Global User Authentication
• EUS and LDAP Integration
• About Enterprise User Management (EUS)
Using Proxy Authentication
• Security Challenges of Three-Tier Computing
• Proxy Authentication Solutions
Encryption Concepts and Solutions
• Oracle Solutions
Using Built-In Encryption in Applications
Using Transparent Data Encryption (TDE)
• The Master Keys and the Keystore
• Hardware Keystore
Database Storage Security
• Data Pump Export and Import of Encrypted Data
• RMAN and OSB Backups
• RMAN Encryption Modes
Introduction to Oracle Key Vault
• What is Oracle Key Vault?
• Using Oracle Key Vault
Installing Oracle Key Vault
Using Oracle Key Vault
• Contrasting Oracle Wallets and OKV Virtual Wallets
• Reviewing or refreshing prerequisite knowledge
Administering Oracle Key Vault
• Best practice tips for Oracle Key Vault
• Roles in detail
Automated Sensitive Data Discovery
• Application Data Modeling
• Managing Application Data Models
Oracle Data Masking and Subsetting overview
Masking Sensitive Data in Non-Production Environments
• Exploring Data Masking Format Library
• Data Masking Transformations
• Exploring Data Subsetting definitions
Managing Data Masking and Subsetting
• Best Practices
• Heterogeneous masking and subsetting
• Administering Data Masking and Subsetting
Oracle Advanced Security - Data Redaction
• Implementing Data Redaction
• Need to redact or dynamically mask data
• Data Redaction usage guidelines
Oracle Transparent Sensitive Data Protection (TSDP)
• TSDP Implementation
Oracle Database Vault Overview
• Database Vault Effects and Example
• What is a Realm? A Rule Set? A Command Rule? A Secure Application Role?
• What are Factors and Identities? Component Relationships and Evaluation?
• Understand Database Vault Controls
• Software Overview: API, Views, and Integration with Other Oracle Products
Configuring Database Vault
• Configuring Database Vault
• Configuring Database Vault Users in Cloud Control 12c
• What to Expect After You Enable Database Vault
• Database Vault Roles and Schema
• Securing Data in Multitenant Environments
• What are The Types of Analysis, Tools, and Prerequisites?
• Privilege Analysis Overview and Features
• Managing Privilege Analysis Policies
• Use Cases
• How Does it Work?
Security Administrators, Network Administrator, Database Administrators, System Analysts, Support Engineer
• Create and manage users, roles, and privileges
• Create and manage tables and tablespaces
• Create PL/SQL procedures
• Use Flashback Data Archive and Create PL/SQL procedures
• Use Oracle Data Pump export and import and Perform RMAN back
• Familarity with Oracle Enterprise Manager Cloud Control
• Familarity with SQL*Plus, SQL*Developer
• Oracle Database 12c: Administration Workshop Ed 2
• Introduction to Oracle Database Security Ed 1