DB Security - PCI DSS, Firewall Rulebase Analysis, AuditPro, Firesec, Security Assessment and Audit Software for all versions of Operating Systems, Databases, Routers, Switches, Windows, Unix, Linux, Oracle, MS SQL, IBM DB2, Cisco PIX, Cyberguard, Netscreen, Checkpoint Firewalls, GFI Languard, in India, Mumbai, Hyderabad, Delhi, Bangalore, Chennai, Kolkatta, UAE, Dubai, Kuwait, Bahrain, Qatar, Saudi Arabia, Malaysia, Singapore, Thailand, Far East, USA, Europe, North America.

Company
- About Us
- Strengths
- Forums
- Contact Us
Training
Careers
- For Employees
- For Clients
Clients
- Testimonials
Partner with us

Quick Links

Training Curriculum

Training Calendar

About Us

e-Learning Curriculum

Upcoming Batches

Regular Batches

12th -13th Jan, 2011

28th Feb-1st Mar, 2011

9th-10th May, 2011

11th-12th Jul, 2011

19th-20th Sep, 2011

21st-22nd Nov, 2011

Weekend Batches

Begins 5th & 6th Feb, 2011

Begins 2nd & 3rd Apr, 2011

Begins 11th & 12th Jun, 2011

Begins 13th & 14th Aug, 2011

Begins 23rd & 29th Oct, 2011

Begins 24th & 25th Dec, 2011

Database Security

Computer networks are built to support business functionality and beyond communication the result of business is data. The data important to your business is your company's digital assets; it needs organization, maintenance and above all protection from malicious attackers. The modern corporate enterprise contains database solutions used to take care of data. Ensuring that this data doesn’t get into the hands of unauthorized employees, means that you need to recognize and secure it from this threat. The evolution of security training has shown us that the most effective way to learn about security is by learning from the people that know how to attack your systems. By understanding the threat from the attacker's perspective, you can develop effective assessment methodologies and ultimately secure what really matters from ever increasing threat.

Why should you attend this course?

Upon completing this course, delegates should be able to understand:

The fundamental concepts behind database systems
Key components within a database deployment
The integration of databases into business solutions
The process of thorough database assessment, including tools and methodologies
Techniques used by hackers to exploit database flaws and vulnerabilities
Practical assessment and attack vector considerations, through hands-on experience

Who should attend this course?

Internal security teams, database administrators and security consultants concerned with the insecurity of database systems, the exposure they have to network and data compromises, and assessment techniques used to close security holes.

Course Contents

By the end of the course participants will be able to:

Oracle

Section One – Oracle Security Implementation

Module 1: Background
Module 2: Introduction to Oracle 9i
Module 3: Oracle 9i and Internet
Module 4: Advanced security features

Session Two - Securing the operating system

Module 5: Unix
Module 6: Windows

Session Three – General Information Gathering

Module 7: Version
Module 8: Installed software
Module 9: VGA parameters
Module 10: DB security configuration parameters

Session Four – Users and profiles

Module 11: Listing of all users
Module 12: Useful views
Module 13: Profiles
Module 14: Password and account parameters
Module 15: Weak and default passwords

Session Five – Users and profiles

Module 16: System and object privileges
Module 17: Listing of all users and roles
Module 18: Listing privileges granted to users and roles
Module 19: Auditing privileges
Module 20: Cascading privileges
Module 21: Roles with passwords and default roles

Session Six – Security and Developer tools

Module 22: Building Application Security into the database
Module 23: Advanced Security Features

Session Seven – Secure Network Communications

Session Eight – Miscellaneous security aspects

Module 24: SQL Plus Security
Module 25: Database Links
Module 26: Auditing Oracle Built-in Auditing

Session Nine – Backups and disaster recovery tools

Module 27: Oraping
Module 28: Listener Security checker
Module 29: ISS Database scanner

Session Ten – Oracle 10g

SQL Server 2005

Section Eleven – Securing server with safe installation

Module 30: SQL Server Security Architecture
Module 31: Operating System Security
Module 32: SQL Server Accounts
Module 33: Closing unnecessary services

Session Twelve – General SQL security

Module 34: Gathering information
Module 35: SQL Server Authentication modes
Module 36: SQL Configuration parameters
Module 37: Patch levels

Session Thirteen – Database security

Module 38: Sp_configure parameters
Module 39: Scheduled jobs
Module 40: Extended and stored procedures
Module 41: Permission on procedures
Module 42: Privileges granted to roles and users
Module 43: Privileges with GRANT option

Session Fourteen – User Security

Module 44: List of SQL logins
Module 45: Users for each database
Module 46: Default databases
Module 47: Windows authenticated users
Module 48: Weak passwords
Module 49: The sa account

Session Fifteen – Roles and Privileges

Module 50: Gather list of roles
Module 51: Pre-defined roles
Module 52: List users within roles

Session Sixteen – Built-in Auditing – TRACE

Module 53: Backups and disaster recovery