ZuoTi.Pro
Question

Scenario: In your newly assigned Oracle DBA position, the security audit team wants you to be...

Scenario:
In your newly assigned Oracle DBA position, the security audit team wants you to be involved in a new project to make sure Users are created with Least Privileges, the database uses encryption for all data-at-rest, use separate table spaces for users and applications, user passwords expire on first login, quotas should be used for tablespaces as opposed to unlimited tablespaces, temporary tablespaces should be used to help speed performance, no default user passwords exist in the database, Roles are used for privileges as opposed to being assigned directly to the user, and the password complexity should meet or exceed some requirements for DoD STIGs.
In additional the following business guidelines are provided to help in your design:
Number of Database Users:
a. 10 Total
b. 2 with DBA privileges
c. 4 with Privileges to Select, Update, Insert and Delete from the students, employees and finances tables
d. 2 with Privileges to Select from the students, employees and finances tables
e. 2 with Privileges to select, Update, Insert and Delete from the products, sales and payroll application tables.
It is estimated no more 500K tablespace is needed for each user.
Big tablespaces are not required.
AES 256 encryption algorithm is needed to meet the contract requirements.
Note: You will need to create the tables to test your permissions and roles.

engineering   Computer-Science   
0 0
Add a comment Improve this question Transcribed image text
Next > < Previous
Sort answers by oldest

Homework Answers

Answer #1

Creating a User
Once connected as SYSTEM, simply issue the CREATE USER command to generate a new account.

CREATE USER first_admin IDENTIFIED BY MyPassword;
Here we’re simply creating a books_admin account that is IDENTIFIED or authenticated by the specified password.

Providing Roles

GRANT CONNECT TO first_admin;

Assigning Privileges

GRANT DBA to second_admin;
----------------------
Table Privileges for 4

Grants the SELECT UPDATE, INSERT, DELETE object privileges for all columns of the Students, Employees, Finances table to the users A_user, B_user, C_user and D_user.

GRANT SELECT, UPDATE, INSERT, DELETE ON Students, Employees, Finances TO A_user, B_user, C_user, D_user;


------------------------------------

Table Privileges for 2
Grants the SELECT object privileges for all columns of the Students, Employees, Finances table to the users E_user, F_user.


GRANT SELECT ON Students, Employees, Finances TO E_user, F_user;

-----------------------------
Table Privileges for 2
Grants the SELECT , UPDATE, INSERT, DELETE object privileges for all columns of the products, Sales and Payroll application table to the users G_user and H_user.

GRANT SELECT, UPDATE, INSERT, DELETE ON Products, Sales and Payroll TO G_user, H_user;
----------------------------------

0 0
Add a comment
Know the answer?
Add Answer to:
Scenario: In your newly assigned Oracle DBA position, the security audit team wants you to be...
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Log In

Sign Up

Not the answer you're looking for? Ask your own homework help question. Our experts will answer your question WITHIN MINUTES for Free.
Similar Homework Help Questions

  • Lab 3: Securing the Database Environment You have been hired as the DBA for Haphazard, Inc....

    Lab 3: Securing the Database Environment You have been hired as the DBA for Haphazard, Inc. You are asked to fulfill the following needs of the Database environment. You can choose any database, such as Oracle, MySql, Sqlserver, etc. 1. Users, roles, and privileges need to be added to the database. Identify the statements that would be used for creating the following users, roles, and privileges that match the following requirements: a. Create a user account NLitzinger identified by the...

  • A test specification provides designers with what needs to be known in order to perform a...

    A test specification provides designers with what needs to be known in order to perform a specific test, and to validate and verify the requirement to be tested. The test script is divided into the test script, which is the generic condition to be tested, and one or more test cases within the test script. Provide a test script and test case for at least 3 of your requirements identified in your requirements specification. Provide the following format for an...

  • TASK Read the Regional gardens case study document before attempting this assignment. Background: You have been...

    TASK Read the Regional gardens case study document before attempting this assignment. Background: You have been employed by Regional Gardens as their first Chief Information Officer (CIO). You have been tasked by the Board to conduct a review of the company’s risks and start to deploy security policies to protect their data and resources. You are concerned that the company has no existing contingency plans in case of a disaster. The Board indicated that some of their basic requirements for...

  • Please read the article and answer about questions. You and the Law Business and law are...

    Please read the article and answer about questions. You and the Law Business and law are inseparable. For B-Money, the two predictably merged when he was negotiat- ing a deal for his tracks. At other times, the merger is unpredictable, like when your business faces an unexpected auto accident, product recall, or government regulation change. In either type of situation, when business owners know the law, they can better protect themselves and sometimes even avoid the problems completely. This chapter...

ADVERTISEMENT
Free Homework Help App
Download From Google Play
Scan Your Homework
to Get Instant Free Answers
Need Online Homework Help?
Ask a Question
Get Answers For Free
Most questions answered within 3 hours.
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT