Home    |    Instructor-led Training    |    Online Training     
         
 
Courses
ADA
Adobe
Agile
AJAX
Android
Apache
AutoCAD
Big Data
BlockChain
Business Analysis
Business Intelligence
Business Objects
Business Skills
C/C++/Go programming
Cisco
Citrix
Cloud Computing
COBOL
Cognos
ColdFusion
COM/COM+
CompTIA
CORBA
CRM
Crystal Reports
Data Science
Datawarehousing
DB2
Desktop Application Software
DevOps
DNS
Embedded Systems
Google Web Toolkit (GWT)
IPhone
ITIL
Java
JBoss
LDAP
Leadership Development
Lotus
Machine learning/AI
Macintosh
Mainframe programming
Mobile
MultiMedia and design
.NET
NetApp
Networking
New Manager Development
Object oriented analysis and design
OpenVMS
Oracle
Oracle VM
Perl
PHP
PostgreSQL
PowerBuilder
Professional Soft Skills Workshops
Project Management
Python
Rational
Ruby
Sales Performance
SAP
SAS
Security
SharePoint
SOA
Software quality and tools
SQL Server
Sybase
Symantec
Telecommunications
Teradata
Tivoli
Tomcat
Unix/Linux/Solaris/AIX/
HP-UX
Unisys Mainframe
Visual Basic
Visual Foxpro
VMware
Web Development
WebLogic
WebSphere
Websphere MQ (MQSeries)
Windows programming
XML
XML Web Services
Other
Oracle Database 11g R2: Encryption & Advanced Data Security
Oracle Training Overview

Threats to data security abound and are increasing in sophistication and frequency. Organizations have both an ethical and oftentimes a legal responsibility to understand the countermeasures available, to compare these against those threats to which they are exposed, and to properly apply such countermeasures.

This training course module considers how encryption technology should, and should not, be employed within an Oracle database environment in response to known threats and risks. It will also discuss other best security practices which pertain to application security, host system configuration and the database installation.


Oracle Training Course Objectives

  • Consider examples of common security threats and sensitive data which might exist within an organization.
  • Review the essentials of a sound and secure database installation.
  • Consider known database security weaknesses and how these may be addressed.
  • Consider examples of specific attacks which could be launched against individual components within a data center or within the public networks.
  • Review the theory and concepts which underlie symmetric and asymmetric encryption.
  • Consider the primary elements involved in asymmetric encryption, including private and public keys, the Public Key Infrastructure, certificates, Certificate Authorities and wallets.
  • Discuss how symmetric or asymmetric encryption is applied to network traffic, database storage and external files.
  • Consider the limits of encryption strategies and when encryption could be misapplied and counterproductive.
  • Discuss the challenges and options available for encryption key storage.
  • Apply Transparent Data Encryption (TDE) to tablespace, column, export file, RMAN backup set file and SecureFile LOB encryption.
  • Use the Oracle Data Pump access driver to encrypt external tables.
  • Configure Oracle Net Services to repel database attacks and implement advanced security using encrypted network communication.
  • Implement an application-based encryption solution using the DBMS_CRYPTO() package.
  • Review the types of attacks which can be launched using SQL injection, and which countermeasures should be applied to repel these.
  • Implement enhanced application security using the Virtual Private Database (VPD) facility.
Oracle Training Audience

  • Database administrators
  • Web server administrators
  • System administrators
  • Implementation specialists
  • Data center support engineers
  • Security administrators and compliance auditors
Oracle Training Prerequisites

The mandatory prerequisites for this course are these courses:
  • ORACLE DATABASE 11G: SQL FUNDAMENTALS – COMPLETE LIBRARY
  • ORACLE DATABASE 11G: PL/SQL FUNDAMENTALS – COMPLETE LIBRARY
  • ORACLE DATABASE 11G: ADMINISTRATION I
Although not mandatory, another helpful prerequisite is
  • ORACLE DATABASE 11G: ADVANCED PL/SQL PROGRAMMING & TUNING.
Oracle Training Course duration

2.5 Days

Oracle Training Course outline

ABOUT DATABASE SECURITY
  • DATA SECURITY & POTENTIAL THREATS
  • DATABASE SECURITY CHECKLIST
  • SECURING THE DATABASE INSTALLATION
  • SECURE BY DEFAULT CONFIGURATION
ENCRYPTION CONCEPTS
  • ABOUT ENCRYPTION
  • About SSL
  • Challenges With Asymmetric Encryption
  • What Is PKI?
  • A Certificate Challenge Scenario
  • What Is A Wallet?
  • Public-Key Cryptography Standards
  • NETWORK ENCRYPTION
  • STORAGE ENCRYPTION
  • FILE ENCRYPTION
  • ENCRYPTION LIMITATIONS
  • About Advanced Technology
  • Access Control
  • Protection Against A Malicious Insider
  • Encryption Algorithms & Potential Weaknesses
  • Data Encryption Algorithm Developments
  • Choosing A Data Encryption Algorithm
  • Message Integrity Algorithms
  • Choosing An Integrity Algorithm
  • MANAGING ENCRYPTION KEYS
  • Key Storage Strategies
APPLYING TRANSPARENT DATA ENCRYPTION
  • TRANSPARENT DATA ENCRYPTION
  • TDE Encryption Algorithms
  • About Column Encryption
  • MAC & The Integrity Algorithm
  • Is TDE Unbreakable?
  • Network Security
  • MANAGING TDE
  • Encryption Security Module
  • Changing The Default Encryption Security Module
  • Using Hardware Security Modules
  • Wallet Open Options
  • Create Wallet
  • Open & Closed Wallet
  • Advanced Options
  • Re-key Master Encryption Key
  • Migrate To HSM
  • Change Encryption Security Module Settings
  • Change Encryption Wallet Password
  • IMPLEMENTING TABLESPACE ENCRYPTION
  • SQL Create Tablespace With Encryption
  • Querying The Data Dictionary
  • Changing The Encryption State
  • IMPLEMENTING COLUMN ENCRYPTION
  • Specifying Column Encryption
  • Encryption Algorithms
  • Using The EM Interface
  • Limitations To Column Encryption
  • Performance Considerations
APPLYING FILE & LOB ENCRYPTION
  • SECUREFILE LOBS
  • Applying Encryption To LOBs
  • Examining SecureFile Encryption Using PL/SQL
  • Examining SecureFile Encryption Using EM
  • EXTERNAL TABLE ENCRYPTION
  • DATA PUMP ENCRYPTION
  • ENCRYPTION Parameter
  • ENCRYPTION_ALGORITHM Parameter
  • ENCRYPTION_MODE Parameter
  • ENCRYPTION_PASSWORD Parameter
  • Encryption Scenario
  • RMAN BACKUP SET ENCRYPTION
  • Backup Encryption Using EM
  • Backup Encryption Using RMAN
  • Decrypt During Recovery
  • ORACLE SECURE BACKUP
ORACLE NET SERVICES & SECURE COMMUNICATION
  • Oracle Net Within The Application Architecture
  • Components Within Oracle Net
  • COUNTERING DATABASE ATTACKS
  • Limiting Database Attacks
  • Preventing Denial-of-service Attacks
  • What Is A Denial-of-service Attack?
  • Preventing Attacks Against The Database
  • Avoiding Disclosure Of Vulnerabilities
  • Hiding The Database Banner
  • Oracle Net Services User Notifications
  • ORACLE NET NATIVE ENCRYPTION
  • Secure Communications
  • Encryption & Integrity Negotiations
  • Negotiation Security
  • Implementation With Oracle Net Manager
  • Integrity Rules
  • Encryption Rules
  • Implementation With sqlnet.ora
  • Advanced Security Settings
APPLICATION-BASED ENCRYPTION
  • ALGORITHMIC ADAPTATIONS
  • Stream Vs. Block Ciphers
  • Cipher Block Modification
  • Electronic Code Book (ECB)
  • Cipher Block Chaining (CBC)
  • Cipher Feedback (CFB)
  • Output Feedback Mode (OFB)
  • Cipher Block Padding
  • PKCS #5
  • ABOUT DBMS_CRYPTO()
  • Working With Encryption Data
  • Basic DBMS_CRYPTO() Capabilities
  • Key Generation
  • Encryption & Decryption
  • Specifying The Encryption Rules
  • Algorithm Specification
  • Block Cipher Chaining Modifier Specification
  • Block Cipher Padding Modifier Specification
  • Message Integrity Capabilities
  • Hash()
  • MAC()
  • A SIMPLE KEY MANAGEMENT APPROACH
  • Database Storage
  • Application Logic Storage
PROTECTING AGAINST SQL INJECTION ATTACKS
  • UNDERSTANDING THE THREAT
  • How Is The Threat Used?
  • Statement Modification
  • Bypassing Authentication
  • Statement Insertion
  • APPLYING COUNTERMEASURES
  • Use Bind Variables
  • Use DBMS_ASSERT()
IMPLEMENTING VIRTUAL PRIVATE DATABASES
  • UNDERSTANDING VPDS
  • PREPARING FOR A VPD
  • Configuring A Security Administrator
  • Configuring The Application Scenario
  • CONFIGURING A VPD
  • Define An Application Context
  • Define Application Context Attributes
  • Assign Attribute Values
  • Define VPD Policies
  • MANAGING APPLICATION CONTEXTS
  • Dropping An Application Context
  • Using SYS_CONTEXT()
  • MANAGING POLICIES & SECURITY RULES
  • Dropping A Policy
  • Column-level Policy
  • Customizing Policy Attributes
  • Examining Policy Data

Please contact your training representative for more details on having this course delivered onsite or online

Training Outlines - the one stop shopping center for IT training.
© Training Outlines All rights reserved