NORTH AMERICA EMEA ASIA
All programs BankAudit 2013 InfoSec World Conference & Expo 2013 SuperStrategies Conference & Expo 2013 The Conference on Big Data Security
All programs The Audit Directors & Managers Symposium The MIS Audit Leadership Institute The MIS CAE Master's Program
ABOUT MIS INTERNAL AUDIT IT AUDIT INFO SECURITY IN-HOUSE TRAINING  
 
     Conferences            >      Seminars            >      Symposia            >      Webinars      Online Self Study      Training Weeks      In-House Training      Certificate Programs>      Exhibiting Info      Ways to Save      Request Info      Event Downloads      White Papers      Call for Instructors      Contact MIS      Site Map
Internal Audit IT Audit Info Security
Internal Audit IT Audit Info Security
Auditing and Securing Oracle Databases - ASE351 
A Case Study Using the Security and Integrity Features in Oracle to Perform Control and Security Assessments
Learning Level: Advanced
CPEs: 32 Fee: $2,595.00
Focus and Features Who Should Attend Agenda Register
Agenda

What You Will Learn
1. Oracle Environments
- terminology
- components and products
- platforms
- architecture
- basic risks and exposures
- demonstration: getting started

2. Oracle Objects
- basic data objects
- program-type objects
- evidence: data dictionary and dynamic performance "views"
- case study: delineating the environment and determining the required evidence

3. The Security Mechanism
- high-risk users
- user identification
- authentication
- roles and profiles
- system privileges
- object privileges
- SQL DCL: GRANTS and REVOKES
- case study: analyzing basic access controls

4. Security Features
- views
- stored procedures and triggers
- product_user_profile
- remote login password files
- virtual private databases
- OS file security
- encryption
- case study: evaluating security features use

5. Database Record Mechanisms
- objectives
- methods
- the audit feature
- fine grain auditing
- alert trace files
- case study: assessing recording mechanisms use

6. Integrity Features
- constraints
- referential integrity
- triggers
- change management
- deadlocks
- missing updates
- case study: evaluating integrity feature use

7. High-Risk Commands and Utilities
- Data Guard
- backup/recovery
- scripts
- enterprise manager
- SET commands
- parameter files
- case study: analyzing the operational environment

8. Organizational Impact
- security profiles
- roles and responsibilities
- auditing the DBA function
- areas for standardization
- audit questions
- case study: preparing to interview the DBA

9. Audit and Security Approaches
- general risks
- audit types
- sample audit program
- security checklist
- case study: reporting audit and security findings

10. Wrap-Up
- objectives review
- evaluations

 

 

 

 
REGISTRATION QUESTIONS?
For questions about your registration, government and team discounts, or multiple registrations, please call Linda Ronconi at (508) 879-7999, ext. 501 or e-mail mis@misti.com.

IN-HOUSE SEMINARS
This seminar is available in-house. For more information about bringing this or other MIS seminars to your organization, please call Mimi Hatch at (410) 692-2465 or e-mail mhatch@misti.com.

 


Dates/Locations
March 18 - 21, 2013
Orlando
September 24 - 27, 2013
Chicago