Final Exam

___________________ requires that users have the least amount of privileges required to perform their specific tasks - only the data they need and nothing more.

The principle of least privileges

Check all that apply. Oracle user security domains are a set of properties that can determine things such as

The system resource limits (for example, CPU processing time) for the user; The tablespace quotas (available disk space) for the user; The actions (privileges and roles) available to the user

_________________________ concern communication through the timing of particular operations.

Timing channels

Check all that apply. In SQL Server, extended events sessions can be created to do the following:

Troubleshoot excessive CPU usage caused by query recompilation; Find a query that is blocking other queries; Troubleshoot deadlocks; Find root causes of latch contention; Find the most expensive queries

Auditing is the monitoring and recording of selected user database actions.

True

Data hashing can be used in data warehousing to determine which records to update, load, and skip.

True

Each Oracle user is associated with a default tablespace and a temporary tablespace.

True

In SQL Server, a schema is a logical container that groups objects of similar scope or ownership together.

True

In cloud database environments, the amount of control one has at the server level depends on the type of service (Infrastructure as a Service, Platform as a Service, or Software as a Service).

True

Inference attacks violate the principle of confidentiality.

True

Information Flow Control is data-centric, and achieves protection by associating security labels with data, in order to track and limit data propagation.

True

Password complexity verification checks that each password is complex enough to provide reasonable protection against intruders who try to break into the system by guessing passwords.

True

Polyinstantiation is a database technique that allows the database to contain multiple instances of the same data but with different classifications.

True

Roles are named groups of related privileges that you grant to users or other roles.

True

Transparent data encryption protects data at rest.

True

With hashing, the same message causes the algorithm to generate the same hash value.

True

In access control, we define a subject as ____________________.

a process executing on behalf of a user

In Denning's information flow model FM = < N, P, SC, ⊕, → >, SC represents __________________________________.

a set of security classes corresponding to disjoint classes of information

Situations where accumulation and association combine to change the sensitivity of data and, thus, the business-impact level if it were compromised are an example of issues with _______________.

aggregation

Check all that apply. NoSQL databases were developed in response to

an increase in the volume of data stored about users, objects and products; the frequency in which data about users, objects and products is accessed; performance and processing needs

Check all that apply. The data that comprises the database index can be ________________

at rest; in use; in motion

A successful denial of service attack will violate the concept of ____________.

availability

Posting private information from a database onto a public website violates the principle of _____________.

confidentiality

The concept of _____________ emphasizes that private or sensitive information is not disclosed to unauthorized individuals.

confidentiality

The _____________ property ensures that any transaction will bring the database from one valid state to another.

consistency

A ___________________________ policy is a means of assigning access rights based on rules specified by users.

discretionary access control

A(n) ___________________ is a number that is generated by reading the contents of a document, message, string or data columns.

hash

The __________________ property ensures that the concurrent execution of transactions results in a system state that would be obtained if transactions were executed serially, i.e., one after the other.

isolation

A ____________ is a tuple containing a sensitivity level and a set of compartments.

label

A ___________________________ policy is a means of assigning access rights based on regulations by a central authority.

mandatory access control

Check all that apply. At which level(s) can information flow control be implemented?

operating system; software library; middleware; hardware

The inference attack mitigation data item control known as ________________________ involves separating the data, often physically, depending on the classification of the information.

partitioning

In the SQL Server security model, ____________ are the individuals, groups, and processes granted access to the database.

principals

The inference attack mitigation data item control known as ________________________ is often used in statistical databases to prevent inference of sensitive information about individuals from legitimate aggregate queries.

random data perturbation

In the SQL Server security model, ____________ are the server, database, and objects the database contains.

securables

Check all that apply. Which of the following are considered personally identifiable information?

social security number; email address; mother's maiden name; name; date and place of birth

Gaining information on the database plaintext values by observing a snapshot of the database at a certain time is known as _______________________.

static leakage

Oracle stores data logically in ______________ and physically in ______________ associated with the corresponding tablespace.

tablespaces, data files

In Denning's information flow model FM = < N, P, SC, ⊕, → >, ⊕ represents __________________________________.

the class combining operator, an associative and commutative binary operator, which specifies for any pair of operand classes, the class in which the result of any binary function belongs

Check all that apply. With the technique of well-formed transactions, _____________________________.

users can only manipulate data in constrained ways that preserve or establish its integrity; users may not manipulate data arbitrarily; it is more difficult for someone to maliciously or inadvertently change data

_____________ ensures that only legitimate users gain access to the system.

Authentication

_____________ ensures that those users only have access to resources they are permitted to access.

Authorization

___________________ controls which actions of principals are allowed.

Authorization

___________ is a term that best applies to data being transmitted via FTP.

Data in motion

Check all that apply. SQL Server security principals are managed at which levels?

Database; Windows operating system; SQL Server

Which type of NoSQL database is best for storing contracts, land deeds and legal notices?

Document

__________________________ showed how information stored in large databases could be accessed without knowing how the information was structured or where it resided in the database.

Edgar Codd

_______________ should be used to protect backups and ensure confidentiality.

Encryption

A role-based access control policy is a relation on subjects, objects, and rights.

False

Aggregation is a database technique that allows the database to contain multiple instances of the same data but with different classifications.

False

Data encryption can be used in data warehousing to determine which records to update, load, and skip.

False

Databases and their objects cannot be treated like source code.

False

Information flow control security policy defines permitted relationships between the labels of data and the labels of subjects requesting access to data.

False

The default user names and passwords created during the installation of some database management systems should not be changed.

False

There is only one algorithm for generating a hash.

False

With hashing, the same message causes the algorithm to generate a different hash value.

False

What is the keyword used for giving a principal permissions to act on a securable?

GRANT

Which type of NoSQL database is best for storing data about social networks?

Graph

Check all that apply. What is the purpose of auditing?

Investigate suspicious activity; Enable future accountability for current actions taken in a particular schema, table, or row, or affecting specific content; Monitor and gather data about specific database activities

Check all that apply. What are the components of SQL Server auditing?

SQL Server audit; Target; Server audit specification; Database audit specification

Check all that apply. What are the advantages for using roles for securing a database system?

Selective availability of privileges; Application awareness; Dynamic privilege management; Reduced privilege administration; Application-specific security

___________________ manages conflicts of interest and implements an appropriate level of checks and balances on an individual's activities to ensure they do not have toxic privilege combinations.

Separation of duties

_______________ is a type of database partitioning that separates very large databases into smaller, faster, more easily managed parts.

Sharding

_________________________ refer to the leakage of information through sanctioned use of the system.

Side channels

_________________________ are covert channels where communication occurs through (reading/writing to) a shared resource.

Storage channels

In which domain of the IT infrastructure does the database server reside?

System/application domain

_________________________ occur when an attacker can observe the program running and when it ends.

Termination channels

Check all that apply. What are the properties of a good hashing algorithm?

The algorithm is very efficient. The algorithm is computationally unfeasible to reverse. The algorithm is especially sensitive to small changes in the input.

