Demystifying Oracle Database SecurityOnPrem OCI
What you’ll learn
Top 10 Data Security Breaches of 21st Century
Major Security Threats
What is Oracle Maximum Security Architecture (MSA)
Setup VM Database System
Setup Autonomous Database
Understand Database Vault : Features & Benefits
Configure Database Vault for CDB & PDB
Working with Realms
Enable Database Vault for Autonomous Database
Creating Realms for Autonomous Database
Understanding TDE : Benefits of TDE
TDE Key Architecture & Key Stores
Configure TDE for CDB & PDB
Understanding Native Network Encryption (NNE)
Inspecting Network Packets before & after NNE
Understanding DBSAT
Configuring DBSAT Collector / Reporter
What is Oracle Unified Auditing
Comparison between Traditional vs Unified Auditing
Demo: Enable Pure Mode of Unified Auditing
Demo: Creating a Customised Auditing Policy
Oracle Data Safe Features
Data Safe: Security Assessment / User Assessment
Data Safe: Data Discovery / Data Masking
Requirements
Oracle DBA’s / Developers / DevOps
Description
With the advent of Cloud Computing the biggest challenge that is being faced by the organizations is around Database Security. I understand companies ensure Oracle MAA (Maximum Availability Architecture) but trust me it’s time to embrace Oracle MSA (Maximum Security Architecture). Through this course I will demystify the Oracle database security for On-Prem and Oracle Cloud Infrastructure (OCI).I will show the evidence of the Top 10 Data Security Breaches of 21st century. We will try and understand the Major Security Threats , Artefacts of Database Security and will give you a good understanding of Oracle Maximum Security Architecture.For our learning we shall build 3 environments:· Oracle On-Prem Environment on VM Machine· Oracle Virtual Machine DB System· Oracle Autonomous Database (ADB).We will start our learning with Oracle Database Vault , understand the features, components, Separation of Duties. We will perform some demos to understand how to configure Database Vault for CDB & PDB. We will understand the concept behind Realms and also configure our own realm. We will work on a couple of use cases regarding the permissions that need to be given to the DBA to export the schema protected by realms. We will also configure the Database Vault for Autonomous Databases as well.One of the most important requirements from the regulators is the Data Encryption which can be configured for Data at Rest using Transparent Data Encryption(TDE) and for Data in Transit using Native Network Encryption (NNE). We will go deep dive to understand TDE Key Architecture and the concept of Oracle Key vaults. I will perform strings command on the data files and show you that your Table’s data is visible in clear text format and then will implement TDE and encrypt the data at rest. Same way I will show you that if you inspect the network packets the data in transit is available in clear text, once NNE is implemented the data in transit gets encrypted as well.Next we will move to assessment of Database security through Database Security Assessment Tool (DBSAT), We will learn the DBSAT Components, tools and perform demo for DBSAT collector / reporter and also understand and look at the different output files that are created by DBSAT.Another key architectural change for post 12c release was Oracle Unified Auditing, we will understand the comparison between the traditional vs Unified auditing. The Unified Auditing brings a number of policies which come out of box and are enabled by default. For our demos we will enable the unified auditing to run in pure mode , we will make use of the out of the box policies and also create our own customized policy.In the end we will move onto an amazing feature Oracle Data Safe which helps to bring entire database security under one umbrella. The Oracle Data Safe can be used for On-Prem database, VM / BM Database Systems and Autonomous Databases. Through Oracle Data Safe we will perform the demos to achieve Database Security Assessment, User Assessment , Data Sensitive Discovery and Data Masking.RegardsKshitij Joy (OCM & OCI Architect)DB Alchemist Academy
Overview
Section 1: Introduction
Lecture 1 Introduction & What will you Learn !!!
Lecture 2 Top 10 Data Security Breaches of 21st Century
Lecture 3 Major Security Threats
Lecture 4 What is Oracle MSA (Maximum Security Architecture)
Lecture 5 Major Artefacts of Database Security
Section 2: Environment Setup- On-Prem & OCI
Lecture 6 Lab Setup : Intro
Lecture 7 Setup a VM Database System
Lecture 8 Setup an Autonomous Database (ADW)
Lecture 9 Setup an On-Prem Database on Oracle 18c XE
Section 3: Segregation of Duties (Oracle Database Vault)
Lecture 10 Intro : Oracle Database Vault
Lecture 11 What is Oracle Database Vault
Lecture 12 Database Vault Features
Lecture 13 Database Vault Components
Lecture 14 Separation of Duties- New Users
Lecture 15 Demo: Configuring Oracle Database Vault for CDB : On-Prem
Lecture 16 Demo: Configure Oracle Database Vault for PDB
Lecture 17 Demo: Working with Realms
Lecture 18 Demo: Exporting Schema in a Database Vault Enabled Database
Lecture 19 Demo: How to Create a user
Lecture 20 Subscribe to our YouTube Channel
Lecture 21 Demo: Enable Database Vault for Autonomous Databases
Lecture 22 Demo: Create Realms for ADB
Section 4: Encrypting Data At Rest (TDE) & Data in Transit (NNE)
Lecture 23 Intro : Data Encryption
Lecture 24 What is Transparent Data Encryption
Lecture 25 What are the benefits of TDE
Lecture 26 Understand TDE Key Architecture
Lecture 27 Column Vs Tablespace Encryption
Lecture 28 Different Types of Keystores(Wallets)
Lecture 29 Demo: Read Data from Binary Database File
Lecture 30 Demo: Configure TDE in On-Prem Environment- CDB
Lecture 31 Configure TDE in On-Prem Environment- PDB
Lecture 32 What is Native Network Encryption (NNE)
Lecture 33 Demo: Inspect Network Packets for Data in Transit
Lecture 34 How to check NNE is enabled ?
Lecture 35 Demo: How to enable NNE
Lecture 36 Demo: Checking NNE is Enabled
Lecture 37 Inspect Network Traffic After Enabling NNE
Lecture 38 A 10 Second Survey
Section 5: Assessing the Security
Lecture 39 Introduction : DBSAT
Lecture 40 What is DBSAT ?
Lecture 41 DBSAT Graphical Components
Lecture 42 DBSAT Tool Components
Lecture 43 DBSAT Reporting
Lecture 44 Demo: How to use DBSAT Collector
Lecture 45 Demo: How to use DBSAT Reporter
Lecture 46 Demo: Understand DBSAT Output Files
Section 6: Oracle Unified Auditing: On-Prem & Oracle Cloud
Lecture 47 Introduction : Oracle Unified Auditing
Lecture 48 What is Oracle Unified Auditing ?
Lecture 49 Comparison between Traditional vs Unified Auditing
Lecture 50 Default Auditing Policies : Out of Box
Lecture 51 Demo: Testing the Drop User on PDB
Lecture 52 Demo: Enable Pure Mode of Unified Auditing
Lecture 53 Demo: Creating a Customised Auditing Policy
Section 7: Oracle Data Safe
Lecture 54 Introduction : Oracle Data Safe
Lecture 55 Oracle Data Safe Features
Lecture 56 Data Safe Security Assessment
Lecture 57 Data Safe User Assessment
Lecture 58 Data Safe Activity Auditing
Lecture 59 Data Safe Sensitive Data Discovery
Lecture 60 Demo: Register a Target for Data Safe
Lecture 61 Demo: Data Safe Security Assessment
Lecture 62 Demo: Data Safe User Assessment
Lecture 63 Demo: Data Safe Data Discovery
Lecture 64 Demo: Data Safe Data Masking
Beginner to the World of Cloud Computing & Any Experienced DBA’s / Developers looking to get Understand Oracle Database Security On-Prem & Oracle Cloud (OCI)
Course Information:
Udemy | English | 5h 10m | 1.83 GB
Created by: Kshitij Joy (Udemy Instructor Partner)
You Can See More Courses in the IT & Software >> Greetings from CourseDown.com