Chapter 5: Database and Cloud Security
T
To create a relationship between two tables, the attributes that define the primary key in one table must appear as attributes in another table, where they are referred to as a foreign key.
T
Two disadvantages to database encryption are key management and inflexibility.
F
A view cannot provide restricted access to a relational database so it cannot be used for security purposes.
B. database
A(n) __________ is a structured collection of data stored for use by one or more applications. A. attribute B. database C. tuple D. inference
A. administrator
A(n) __________ is a user who has administrative responsibility for part or all of the database. A. administrator B. database relations manager C. application owner D. end user other than application owner
B. end user other than application owner
An end user who operates on database objects via a particular application but does not own any of the database objects is the __________. A. application owner B. end user other than application owner C. foreign key D. administrator
C. view
A _________ is a virtual table. A. tuple B. query C. view D. DBMS
C. primary key
A _________ is defined to be a portion of a row used to uniquely identify a row in a table. A. foreign key B. query C. primary key D. data perturbation
A. computer room
A ___________ is the portion of the data center that houses data processing equipment. A. computer room B. main distribution area C. entrance room D. horizontal distribution
T
A data center generally includes backup power supplies.
T
A foreign key value can appear multiple times in a table.
T
A query language provides a uniform interface to the database.
F
A single countermeasure is sufficient for SQLi attacks.
T
Encryption becomes the last line of defense in database security.
F
Fixed server roles operate at the level of an individual database.
D. tuples
In a relational database rows are referred to as _________. A. relations B. attributes C. views D. tuples
D. relation
In relational database parlance, the basic building block is a __________, which is a flat table. A. attribute B. tuple C. primary key D. relation
T
Network security is extremely important in a facility in which such a large collection of assets is concentrated in a single place and accessible by external network connections.
T
SQL Server allows users to create roles that can then be assigned access rights to portions of the database.
T
Security specifically tailored to databases is an increasingly important component of an overall organizational security strategy.
F
Site security of the data center itself includes barriers to entry, coupled with authentication techniques for gaining physical access.
A. relational database
The basic building block of a __________ is a table of data, consisting of rows and columns, similar to a spreadsheet. A. relational database B. query set C. DBMS D. perturbation
T
The database management system makes use of the database description tables to manage the physical database.
T
The value of a primary key must be unique for each tuple of its table.
B. Data owner
_________ is an organization that produces data to be made available for controlled release, either within the organization or to external users. A. Client B. Data owner C. User D. Server
A. Intrusion management
__________ encompasses intrusion detection, prevention and response. A. Intrusion management B. Security assessments C. Database access control D. Data loss prevention
C. Horizontal distribution area
__________ houses cross-connects and active equipment for distributing cable to the equipment distribution area. A. Main distribution area B. Equipment distribution area C. Horizontal distribution area D. Zone distribution area
D. Server
__________ is an organization that receives the encrypted data from a data owner and makes them available for distribution to clients. A. User B. Client C. Data owner D. Server
B. Inference
__________ is the process of performing authorized queries and deducing unauthorized information from the legitimate responses received. A. Perturbation B. Inference C. Compromise D. Partitioning
A. TIA-492
__________ specifies the minimum requirements for telecommunications infrastructure of data centers. A. TIA-492 B. RFC-4949 C. NIST-7883 D. RSA-298
