Demystifying Oracle Database SecurityOnPrem OCI

OCI, Database Vault , Encryption using TDE & NNE , Autonomous Databases , DBSAT , Oracle Unified Auditing , Data Safe
Demystifying Oracle Database SecurityOnPrem OCI
File Size :
1.83 GB
Total length :
5h 10m



Kshitij Joy (Udemy Instructor Partner)


Last update




Demystifying Oracle Database SecurityOnPrem OCI

What you’ll learn

Top 10 Data Security Breaches of 21st Century
Major Security Threats
What is Oracle Maximum Security Architecture (MSA)
Setup VM Database System
Setup Autonomous Database
Understand Database Vault : Features & Benefits
Configure Database Vault for CDB & PDB
Working with Realms
Enable Database Vault for Autonomous Database
Creating Realms for Autonomous Database
Understanding TDE : Benefits of TDE
TDE Key Architecture & Key Stores
Configure TDE for CDB & PDB
Understanding Native Network Encryption (NNE)
Inspecting Network Packets before & after NNE
Understanding DBSAT
Configuring DBSAT Collector / Reporter
What is Oracle Unified Auditing
Comparison between Traditional vs Unified Auditing
Demo: Enable Pure Mode of Unified Auditing
Demo: Creating a Customised Auditing Policy
Oracle Data Safe Features
Data Safe: Security Assessment / User Assessment
Data Safe: Data Discovery / Data Masking

Demystifying Oracle Database SecurityOnPrem OCI


Oracle DBA’s / Developers / DevOps


With the advent of Cloud Computing the biggest challenge that is being faced by the organizations is around Database Security. I understand companies ensure Oracle MAA (Maximum Availability Architecture) but trust me it’s time to embrace Oracle MSA (Maximum Security Architecture). Through this course I will demystify the Oracle database security for On-Prem and Oracle Cloud Infrastructure (OCI).I will show the evidence of the Top 10 Data Security Breaches of 21st century. We will try and understand the Major Security Threats , Artefacts of Database Security and will give you a good understanding of Oracle Maximum Security Architecture.For our learning we shall build 3 environments:· Oracle On-Prem Environment on VM Machine· Oracle Virtual Machine DB System· Oracle Autonomous Database (ADB).We will start our learning with Oracle Database Vault , understand the features, components, Separation of Duties. We will perform some demos to understand how to configure Database Vault for CDB & PDB. We will understand the concept behind Realms and also configure our own realm. We will work on a couple of use cases regarding the permissions that need to be given to the DBA to export the schema protected by realms. We will also configure the Database Vault for Autonomous Databases as well.One of the most important requirements from the regulators is the Data Encryption which can be configured for Data at Rest using Transparent Data Encryption(TDE) and for Data in Transit using Native Network Encryption (NNE). We will go deep dive to understand TDE Key Architecture and the concept of Oracle Key vaults. I will perform strings command on the data files and show you that your Table’s data is visible in clear text format and then will implement TDE and encrypt the data at rest. Same way I will show you that if you inspect the network packets the data in transit is available in clear text, once NNE is implemented the data in transit gets encrypted as well.Next we will move to assessment of Database security through Database Security Assessment Tool (DBSAT), We will learn the DBSAT Components, tools and perform demo for DBSAT collector / reporter and also understand and look at the different output files that are created by DBSAT.Another key architectural change for post 12c release was Oracle Unified Auditing, we will understand the comparison between the traditional vs Unified auditing. The Unified Auditing brings a number of policies which come out of box and are enabled by default. For our demos we will enable the unified auditing to run in pure mode , we will make use of the out of the box policies and also create our own customized policy.In the end we will move onto an amazing feature Oracle Data Safe which helps to bring entire database security under one umbrella. The Oracle Data Safe can be used for On-Prem database, VM / BM Database Systems and Autonomous Databases. Through Oracle Data Safe we will perform the demos to achieve Database Security Assessment, User Assessment , Data Sensitive Discovery and Data Masking.RegardsKshitij Joy (OCM & OCI Architect)DB Alchemist Academy


Section 1: Introduction

Lecture 1 Introduction & What will you Learn !!!

Lecture 2 Top 10 Data Security Breaches of 21st Century

Lecture 3 Major Security Threats

Lecture 4 What is Oracle MSA (Maximum Security Architecture)

Lecture 5 Major Artefacts of Database Security

Section 2: Environment Setup- On-Prem & OCI

Lecture 6 Lab Setup : Intro

Lecture 7 Setup a VM Database System

Lecture 8 Setup an Autonomous Database (ADW)

Lecture 9 Setup an On-Prem Database on Oracle 18c XE

Section 3: Segregation of Duties (Oracle Database Vault)

Lecture 10 Intro : Oracle Database Vault

Lecture 11 What is Oracle Database Vault

Lecture 12 Database Vault Features

Lecture 13 Database Vault Components

Lecture 14 Separation of Duties- New Users

Lecture 15 Demo: Configuring Oracle Database Vault for CDB : On-Prem

Lecture 16 Demo: Configure Oracle Database Vault for PDB

Lecture 17 Demo: Working with Realms

Lecture 18 Demo: Exporting Schema in a Database Vault Enabled Database

Lecture 19 Demo: How to Create a user

Lecture 20 Subscribe to our YouTube Channel

Lecture 21 Demo: Enable Database Vault for Autonomous Databases

Lecture 22 Demo: Create Realms for ADB

Section 4: Encrypting Data At Rest (TDE) & Data in Transit (NNE)

Lecture 23 Intro : Data Encryption

Lecture 24 What is Transparent Data Encryption

Lecture 25 What are the benefits of TDE

Lecture 26 Understand TDE Key Architecture

Lecture 27 Column Vs Tablespace Encryption

Lecture 28 Different Types of Keystores(Wallets)

Lecture 29 Demo: Read Data from Binary Database File

Lecture 30 Demo: Configure TDE in On-Prem Environment- CDB

Lecture 31 Configure TDE in On-Prem Environment- PDB

Lecture 32 What is Native Network Encryption (NNE)

Lecture 33 Demo: Inspect Network Packets for Data in Transit

Lecture 34 How to check NNE is enabled ?

Lecture 35 Demo: How to enable NNE

Lecture 36 Demo: Checking NNE is Enabled

Lecture 37 Inspect Network Traffic After Enabling NNE

Lecture 38 A 10 Second Survey

Section 5: Assessing the Security

Lecture 39 Introduction : DBSAT

Lecture 40 What is DBSAT ?

Lecture 41 DBSAT Graphical Components

Lecture 42 DBSAT Tool Components

Lecture 43 DBSAT Reporting

Lecture 44 Demo: How to use DBSAT Collector

Lecture 45 Demo: How to use DBSAT Reporter

Lecture 46 Demo: Understand DBSAT Output Files

Section 6: Oracle Unified Auditing: On-Prem & Oracle Cloud

Lecture 47 Introduction : Oracle Unified Auditing

Lecture 48 What is Oracle Unified Auditing ?

Lecture 49 Comparison between Traditional vs Unified Auditing

Lecture 50 Default Auditing Policies : Out of Box

Lecture 51 Demo: Testing the Drop User on PDB

Lecture 52 Demo: Enable Pure Mode of Unified Auditing

Lecture 53 Demo: Creating a Customised Auditing Policy

Section 7: Oracle Data Safe

Lecture 54 Introduction : Oracle Data Safe

Lecture 55 Oracle Data Safe Features

Lecture 56 Data Safe Security Assessment

Lecture 57 Data Safe User Assessment

Lecture 58 Data Safe Activity Auditing

Lecture 59 Data Safe Sensitive Data Discovery

Lecture 60 Demo: Register a Target for Data Safe

Lecture 61 Demo: Data Safe Security Assessment

Lecture 62 Demo: Data Safe User Assessment

Lecture 63 Demo: Data Safe Data Discovery

Lecture 64 Demo: Data Safe Data Masking

Beginner to the World of Cloud Computing & Any Experienced DBA’s / Developers looking to get Understand Oracle Database Security On-Prem & Oracle Cloud (OCI)

Course Information:

Udemy | English | 5h 10m | 1.83 GB
Created by: Kshitij Joy (Udemy Instructor Partner)

You Can See More Courses in the IT & Software >> Greetings from

New Courses

Scroll to Top