Oracle Database 2 Day + Security Guide Oracle Database 2 Day + Security Guide

Introduction to Oracle Database Security “Introduction to Oracle Database Security”

About Making an Oracle Database Highly Secure “About Making an Oracle Database Highly Secure”

Common Database Security Tasks “Common Database Security Tasks”

Tools for Securing Your Database “Tools for Securing Your Database”

Securing Your Database: A Roadmap “Securing Your Database: A Roadmap”

Securing the Database Installation and Configuration “Securing the Database Installation and Configuration”

About Securing the Database Installation and Configuration “About Securing the Database Installation and Configuration”

Enabling the Default Security Settings “Enabling the Default Security Settings” Default Security Settings for Initialization Parameters “Default Security Settings for Initialization Parameters”

Securing the Oracle Data Dictionary “Securing the Oracle Data Dictionary”

About the Oracle Data Dictionary “About the Oracle Data Dictionary” Finding Views That Pertain to the Data Dictionary “Finding Views That Pertain to the Data Dictionary”

Enabling Data Dictionary Protection “Enabling Data Dictionary Protection”

Guidelines for Securing Operating System Access to Oracle Database “Guidelines for Securing Operating System Access to Oracle Database”

Guideline for Granting Permissions to Run-Time Facilities “Guideline for Granting Permissions to Run-Time Facilities”

Initialization Parameters Used for Installation and Configuration Security “Initialization Parameters Used for Installation and Configuration Security” Initialization Parameters Used for Installation and Configuration Security “Initialization Parameters Used for Installation and Configuration Security”

Modifying the Value of an Initialization Parameter “Modifying the Value of an Initialization Parameter”

Securing Oracle Database User Accounts “Securing Oracle Database User Accounts”

About Securing Oracle Database User Accounts “About Securing Oracle Database User Accounts”

Predefined User Accounts Provided by Oracle Database “Predefined User Accounts Provided by Oracle Database”

Predefined Administrative Accounts “Predefined Administrative Accounts” Predefined Oracle Database Administrative User Accounts “Predefined Oracle Database Administrative User Accounts”

Predefined Non-Administrative User Accounts “Predefined Non-Administrative User Accounts” Predefined Oracle Database Non-Administrative User Accounts “Predefined Oracle Database Non-Administrative User Accounts”

Predefined Sample Schema User Accounts “Predefined Sample Schema User Accounts” Default Sample Schema User Accounts “Default Sample Schema User Accounts”

Expiring and Locking Database Accounts “Expiring and Locking Database Accounts”

Requirements for Creating Passwords “Requirements for Creating Passwords”

Finding and Changing Default Passwords “Finding and Changing Default Passwords”

Guideline for Handling the Default Administrative User Passwords “Guideline for Handling the Default Administrative User Passwords”

Guideline for Enforcing Password Management “Guideline for Enforcing Password Management”

Parameters Used to Secure User Accounts “Parameters Used to Secure User Accounts” Initialization and Profile Parameters Used for User Account Security “Initialization and Profile Parameters Used for User Account Security”

Managing User Privileges “Managing User Privileges”

About Privilege Management “About Privilege Management”

Guideline for Granting Privileges “Guideline for Granting Privileges”

Guideline for Granting Roles to Users “Guideline for Granting Roles to Users”

Guideline for Handling Privileges for the PUBLIC User Group “Guideline for Handling Privileges for the PUBLIC User Group”

Controlling Access to Applications with Secure Application Roles “Controlling Access to Applications with Secure Application Roles”

About Secure Application Roles “About Secure Application Roles”

Tutorial: Creating a Secure Application Role “Tutorial: Creating a Secure Application Role”

Step 1: Create a Security Administrator Account “Step 1: Create a Security Administrator Account”

Step 2: Create User Accounts for This Tutorial “Step 2: Create User Accounts for This Tutorial”

Step 3: Create the Secure Application Role “Step 3: Create the Secure Application Role”

Step 4: Create a Lookup View “Step 4: Create a Lookup View”

Step 5: Create the PL/SQL Procedure to Set the Secure Application Role “Step 5: Create the PL/SQL Procedure to Set the Secure Application Role”

Step 6: Grant EXECUTE Privileges for the Procedure to Matthew and Winston “Step 6: Grant EXECUTE Privileges for the Procedure to Matthew and Winston”

Step 7: Test the EMPLOYEE_ROLE Secure Application Role “Step 7: Test the EMPLOYEE_ROLE Secure Application Role”

Step 8: Optionally, Remove the Components for This Tutorial “Step 8: Optionally, Remove the Components for This Tutorial”

Initialization Parameters Used for Privilege Security “Initialization Parameters Used for Privilege Security” Initialization Parameters Used for Privilege Security “Initialization Parameters Used for Privilege Security”

Securing the Network “Securing the Network”

About Securing the Network “About Securing the Network”

Securing the Client Connection on the Network “Securing the Client Connection on the Network”

Guidelines for Securing Client Connections “Guidelines for Securing Client Connections”

Guidelines for Securing the Network Connection “Guidelines for Securing the Network Connection”

Protecting Data on the Network by Using Network Encryption “Protecting Data on the Network by Using Network Encryption”

About Network Encryption “About Network Encryption”

Configuring Network Encryption “Configuring Network Encryption”

Initialization Parameters Used for Network Security “Initialization Parameters Used for Network Security” Initialization Parameters Used for Network Security “Initialization Parameters Used for Network Security”

Securing Data “Securing Data”

About Securing Data “About Securing Data”

Encrypting Data Transparently with Transparent Data Encryption “Encrypting Data Transparently with Transparent Data Encryption”

About Encrypting Sensitive Data “About Encrypting Sensitive Data”

When Should You Encrypt Data? “When Should You Encrypt Data?”

How Transparent Data Encryption Works “How Transparent Data Encryption Works”

Configuring Data to Use Transparent Data Encryption “Configuring Data to Use Transparent Data Encryption”

Step 1: Configure the Wallet Location “Step 1: Configure the Wallet Location”

Step 2: Create the Wallet “Step 2: Create the Wallet”

Step 3: Open (or Close) the Wallet “Step 3: Open (or Close) the Wallet”

Step 4: Encrypt (or Decrypt) Data “Step 4: Encrypt (or Decrypt) Data”

Encrypting Individual Table Columns “Encrypting Individual Table Columns”

Encrypting a Tablespace “Encrypting a Tablespace”

Checking Existing Encrypted Data “Checking Existing Encrypted Data”

Checking Whether a Wallet Is Open or Closed “Checking Whether a Wallet Is Open or Closed”

Checking Encrypted Columns of an Individual Table “Checking Encrypted Columns of an Individual Table”

Checking All Encrypted Table Columns in the Current Database Instance “Checking All Encrypted Table Columns in the Current Database Instance”

Checking Encrypted Tablespaces in the Current Database Instance “Checking Encrypted Tablespaces in the Current Database Instance” Data Dictionary Views for Encrypted Tablespaces “Data Dictionary Views for Encrypted Tablespaces”

Choosing Between Oracle Virtual Private Database and Oracle Label Security “Choosing Between Oracle Virtual Private Database and Oracle Label Security” Comparing Oracle Virtual Private Database with Oracle Label Security “Comparing Oracle Virtual Private Database with Oracle Label Security”

Controlling Data Access with Oracle Virtual Private Database “Controlling Data Access with Oracle Virtual Private Database”

About Oracle Virtual Private Database “About Oracle Virtual Private Database”

Tutorial: Creating an Oracle Virtual Private Database Policy “Tutorial: Creating an Oracle Virtual Private Database Policy”

Step 1: If Necessary, Create the Security Administrator Account “Step 1: If Necessary, Create the Security Administrator Account”

Step 2: Update the Security Administrator Account “Step 2: Update the Security Administrator Account”

Step 3: Create User Accounts for This Tutorial “Step 3: Create User Accounts for This Tutorial”

Step 4: Create the F_POLICY_ORDERS Policy Function “Step 4: Create the F_POLICY_ORDERS Policy Function”

Step 5: Create the ACCESSCONTROL_ORDERS Virtual Private Database Policy “Step 5: Create the ACCESSCONTROL_ORDERS Virtual Private Database Policy”

Step 6: Test the ACCESSCONTROL_ORDERS Virtual Private Database Policy “Step 6: Test the ACCESSCONTROL_ORDERS Virtual Private Database Policy”

Step 7: Optionally, Remove the Components for This Tutorial “Step 7: Optionally, Remove the Components for This Tutorial”

Enforcing Row-Level Security with Oracle Label Security “Enforcing Row-Level Security with Oracle Label Security”

About Oracle Label Security “About Oracle Label Security”

Guidelines for Planning an Oracle Label Security Policy “Guidelines for Planning an Oracle Label Security Policy”

Tutorial: Applying Security Labels to the HR.LOCATIONS Table “Tutorial: Applying Security Labels to the HR.LOCATIONS Table”

Step 1: Register Oracle Label Security and Enable the LBACSYS Account “Step 1: Register Oracle Label Security and Enable the LBACSYS Account” Registering Oracle Label Security with Oracle Database “Registering Oracle Label Security with Oracle Database” Enabling the Default Oracle Label Security User Account LBACSYS “Enabling the Default Oracle Label Security User Account LBACSYS”

Step 2: Create a Role and Three Users for the Oracle Label Security Tutorial “Step 2: Create a Role and Three Users for the Oracle Label Security Tutorial” Creating a Role “Creating a Role” Creating the Users “Creating the Users”

Step 3: Create the ACCESS_LOCATIONS Oracle Label Security Policy “Step 3: Create the ACCESS_LOCATIONS Oracle Label Security Policy”

Step 4: Define the ACCESS_LOCATIONS Policy-Level Components “Step 4: Define the ACCESS_LOCATIONS Policy-Level Components”

Step 5: Create the ACCESS_LOCATIONS Policy Data Labels “Step 5: Create the ACCESS_LOCATIONS Policy Data Labels”

Step 6: Create the ACCESS_LOCATIONS Policy User Authorizations “Step 6: Create the ACCESS_LOCATIONS Policy User Authorizations”

Step 7: Apply the ACCESS_LOCATIONS Policy to the HR.LOCATIONS Table “Step 7: Apply the ACCESS_LOCATIONS Policy to the HR.LOCATIONS Table”

Step 8: Add the ACCESS_LOCATIONS Labels to the HR.LOCATIONS Data “Step 8: Add the ACCESS_LOCATIONS Labels to the HR.LOCATIONS Data” Granting HR FULL Policy Privilege for the HR.LOCATIONS Table “Granting HR FULL Policy Privilege for the HR.LOCATIONS Table” Updating the OLS_COLUMN Table in HR.LOCATIONS “Updating the OLS_COLUMN Table in HR.LOCATIONS”

Step 9: Test the ACCESS_LOCATIONS Policy “Step 9: Test the ACCESS_LOCATIONS Policy”

Step 10: Optionally, Remove the Components for This Tutorial “Step 10: Optionally, Remove the Components for This Tutorial”

Controlling Administrator Access with Oracle Database Vault “Controlling Administrator Access with Oracle Database Vault”

About Oracle Database Vault “About Oracle Database Vault”

Tutorial: Controlling Administrator Access to the OE Schema “Tutorial: Controlling Administrator Access to the OE Schema”

Step 1: Enable Oracle Database Vault “Step 1: Enable Oracle Database Vault” Installing Oracle Database Vault “Installing Oracle Database Vault” Registering Oracle Database Vault with Oracle Database “Registering Oracle Database Vault with Oracle Database” Enabling Database Access Control for the Database Vault Account Manager Account “Enabling Database Access Control for the Database Vault Account Manager Account”

Step 2: Grant the SELECT Privilege on the OE.CUSTOMERS Table to User SCOTT “Step 2: Grant the SELECT Privilege on the OE.CUSTOMERS Table to User SCOTT”

Step 3: Select from the OE.CUSTOMERS Table as Users SYS and SCOTT “Step 3: Select from the OE.CUSTOMERS Table as Users SYS and SCOTT”

Step 4: Create a Realm to Protect the OE.CUSTOMERS Table “Step 4: Create a Realm to Protect the OE.CUSTOMERS Table”

Step 5: Test the OE Protections Realm “Step 5: Test the OE Protections Realm”

Step 6: Optionally, Remove the Components for This Tutorial “Step 6: Optionally, Remove the Components for This Tutorial”

Auditing Database Activity “Auditing Database Activity”

About Auditing “About Auditing”

Why Is Auditing Used? “Why Is Auditing Used?”

Where Are Standard Audited Activities Recorded? “Where Are Standard Audited Activities Recorded?”

Auditing General Activities Using Standard Auditing “Auditing General Activities Using Standard Auditing”

About Standard Auditing “About Standard Auditing”

Enabling or Disabling the Standard Audit Trail “Enabling or Disabling the Standard Audit Trail”

Using Default Auditing for Security-Relevant SQL Statements and Privileges “Using Default Auditing for Security-Relevant SQL Statements and Privileges”

About Default Auditing “About Default Auditing”

Enabling Default Auditing “Enabling Default Auditing”

Individually Auditing SQL Statements “Individually Auditing SQL Statements”

Individually Auditing Privileges “Individually Auditing Privileges”

Using Proxies to Audit SQL Statements and Privileges in a Multitier Environment “Using Proxies to Audit SQL Statements and Privileges in a Multitier Environment”

Individually Auditing Schema Objects “Individually Auditing Schema Objects”

Auditing Network Activity “Auditing Network Activity”

Tutorial: Creating a Standard Audit Trail “Tutorial: Creating a Standard Audit Trail”

Step 1: Log In and Enable Standard Auditing “Step 1: Log In and Enable Standard Auditing”

Step 2: Enable Auditing for SELECT Statements on the OE.CUSTOMERS Table “Step 2: Enable Auditing for SELECT Statements on the OE.CUSTOMERS Table”

Step 3: Test the Audit Settings “Step 3: Test the Audit Settings”

Step 4: Optionally, Remove the Components for This Tutorial “Step 4: Optionally, Remove the Components for This Tutorial” To set AUDIT_TRAIL to its original value: “To set AUDIT_TRAIL to its original value:”

Step 5: Remove the SEC_ADMIN Security Administrator Account “Step 5: Remove the SEC_ADMIN Security Administrator Account”

Guidelines for Auditing “Guidelines for Auditing”

Guideline for Using Default Auditing of SQL Statements and Privileges “Guideline for Using Default Auditing of SQL Statements and Privileges”

Guidelines for Managing Audited Information “Guidelines for Managing Audited Information”

Guidelines for Auditing Typical Database Activity “Guidelines for Auditing Typical Database Activity”

Guidelines for Auditing Suspicious Database Activity “Guidelines for Auditing Suspicious Database Activity”

Initialization Parameters Used for Auditing “Initialization Parameters Used for Auditing” Initialization Parameters Used for Auditing “Initialization Parameters Used for Auditing”