Implementing Database Security and Auditing: Includes ... - ADReM

More documents

Recommendations

Info

xii Contents 9.5 Closely monitor developer activity on production environments 274 9.6 Monitor creation of traces and event monitors 278 9.6.1 Anatomy of the vulnerability: Setting up an event monitor or a trace 278 9.6.2 Implementation options: Monitor event/trace creation and/or audit all event monitors and traces 289 9.7 Monitor and audit job creation and scheduling 290 9.8 Be wary of SQL attachments in e-mails 293 9.9 Summary 294 9.A Windows Trojans 294 10 Encryption 297 10.1 Encrypting data-in-transit 299 10.1.1 Anatomy of the vulnerability: Sniffing data 300 10.1.2 Implementation options for encrypting data-in-transit 306 10.2 Encrypt data-at-rest 316 10.2.1 Anatomy of the vulnerability: Prying SELECTs and file theft 317 10.2.2 Implementation options for encrypting data-at-rest 318 10.2.3 What to consider when selecting an implementation option 321 10.3 Summary 324 10.A Tapping into a TCP/IP session 324 11 Regulations and Compliance 327 11.1 The alphabet soup of regulations: What does each one mean to you? 328 11.1.1 Health Insurance Portability and Accountability Act of 1996 (HIPAA) 329 11.1.2 Gramm-Leach-Bliley Act of 1999 (GLBA) 332 11.1.3 Sarbanes-Oxley Act (SOX or SarBox) 333 11.1.4 California Senate Bill 1386 334 11.2 Understand business needs and map to technical requirements 335 11.2.1 Use “reverse mappings” 336 11.2.2 Timetable, data, and process mappings 337 11.2.3 Example: SOX and Excel 339 11.3 The role of auditing 340 11.4 The importance of segregation of duties 344
Page 2: Implementing Database Security and
Page 6: Implementing Database Security and
Page 10: To my angels—Dafne, Tamir, Ariell
Page 16: viii Contents 2.2.2 Firewalls 39 2.
Page 20: x Contents 5.3.1 Anatomy of the vul
Page 26: Contents xiii 11.5 Implement a sust
Page 32: xvi Preface ers and other clients (
Page 38: Getting Started Getting Started 1 T
Page 42: Getting Started 3 In Decembe
Page 46: Getting Started 5 While e-commerce
Page 50: 1.1 Harden your database environmen
Page 74:
1.1 Harden your database environmen
Page 78:
1.2 Patch your database 21 1.2.1 Tr
Page 82:
1.2 Patch your database 23 fies the
Page 86:
1.2 Patch your database 25 1.2.3 An
Page 90:
1.2 Patch your database 27 Figure 1
Page 94:
1.3 Audit the database 29 The resul
Page 98:
1.5 Resources and Further Reading 3
Page 102:
1.A C2 Security and C2 Auditing 33
Page 106:
2 Database Security within the Gene
Page 110:
2.1 Defense-in-depth 37 ing) one wa
Page 114:
2.2 The security software landscape
Page 118:
2.2 The security software landscape
Page 122:
2.3 Perimeter security, firewalls,
Page 126:
Page 130:
Page 134:
2.5 Application security 49 importa
Page 138:
2.6 Public key infrastructure (PKI)
Page 142:
2.7 Vulnerability management 53 Fig
Page 146:
2.8 Patch management 55 tems, and o
Page 150:
2.9 Incident management 57 3. Harde
Page 154:
2.10 Summary 59 2.10 Summary Don
Page 160:
62 3.1 Leave your database in the c
Page 164:
64 Figure 3.2 Data access diagram s
Page 168:
66 Figure 3.4 Using tabular reports
Page 172:
68 3.3 Track tools and applications
Page 176:
70 3.3 Track tools and applications
Page 180:
72 3.4 Remove unnecessary network l
Page 184:
74 Figure 3.7 Using the SQL Server
Page 188:
Page 192:
Page 196:
Page 200:
82 3.5 Use port scanners—so will
Page 204:
84 3.6 Secure services from known n
Page 208:
86 3.7 Use firewalls tion service.
Page 212:
88 3.A What is a VPN? 3.A What is a
Page 216:
90 3.B Named Pipes and SMB/CIFS 3.B
Page 220:
92 3.B Named Pipes and SMB/CIFS Tab
Page 224:
94 3.B Named Pipes and SMB/CIFS Tab
Page 228:
96 Figure 4.1 Authentication as the
Page 232:
98 Figure 4.2 A Windows user is cre
Page 236:
100 @Spy 4.1 Choose an appropria
Page 240:
102 SID 4.1 Choose an appropriate a
Page 244:
104 4.1 Choose an appropriate authe
Page 248:
106 4.1 Choose an appropriate authe
Page 252:
108 4.2 Understand who gets system
Page 256:
110 4.3 Choose strong passwords 5.
Page 260:
112 4.3 Choose strong passwords Fig
Page 264:
114 4.3 Choose strong passwords Let
Page 268:
116 4.3 Choose strong passwords Fig
Page 272:
118 4.4 Implement account lockout a
Page 276:
120 4.6 Use passwords for all datab
Page 280:
122 4.7 Understand and secure authe
Page 284:
124 4.A A brief account of Kerberos
Page 290:
Application Security 5 After many y
Page 294:
5.1 Reviewing where and how databas
Page 298:
Page 302:
Page 306:
Page 310:
Page 314:
5.2 Obfuscate application code 139
Page 318:
Page 322:
Page 326:
Page 330:
Page 334:
5.3 Secure the database from SQL in
Page 338:
Page 342:
Page 346:
Page 350:
Page 354:
Page 358:
Page 362:
Page 366:
Page 370:
Page 374:
5.4 Beware of double whammies: Comb
Page 378:
5.6 Address packaged application su
Page 382:
5.6 Address packaged application su
Page 386:
5.8 Summary 175 Create a baseline
Page 390:
Using Granular Access Control 6 Onc
Page 394:
6.1 Align user models by communicat
Page 398:
Page 402:
Page 406:
6.2 Use row-level security (fine-gr
Page 410:
6.2 Use row-level security (fine-gr
Page 414:
6.3 Use label security 189 The last
Page 418:
6.3 Use label security 191 Figure 6
Page 422:
6.4 Integrate with enteprise user r
Page 426:
Page 430:
Page 434:
6.5 Integrate with existing identit
Page 438:
6.6 Summary 201 more techniques are
Page 444:
204 7.1 Don’t use external proced
Page 448:
206 Table 7.1 7.1 Don’t use exter
Page 452:
Page 456:
Page 460:
Page 464:
214 7.2 Don’t make the database a
Page 468:
Page 472:
Page 476:
220 7.4 Understand Web services sec
Page 480:
Page 484:
Page 488:
Page 492:
228 7.A Cross-site scripting and co
Page 496:
230 7.B Web services 7.B Web servic
Page 502:
8 Securing database-to-database com
Page 506:
8.1 Monitor and limit outbound comm
Page 510:
8.2 Secure database links and watch
Page 514:
Page 518:
Page 522:
8.4 Monitor usage of database links
Page 526:
8.4 Monitor usage of database links
Page 530:
8.5 Secure replication mechanisms 2
Page 534:
Page 538:
Page 542:
Page 546:
Page 550:
Page 554:
8.6 Map and secure all data sources
Page 558:
Page 562:
Page 566:
Page 570:
Trojans 9 A Trojan is an unauthoriz
Page 574:
9.2 Baseline calls to stored proced
Page 578:
9.3 Control creation of and changes
Page 582:
9.3 Control creation of and changes
Page 586:
9.5 Closely monitor developer activ
Page 590:
9.5 Closely monitor developer activ
Page 594:
9.6 Monitor creation of traces and
Page 598:
9.6 25 26 27 28 33 34 35 36 37 38 3
Page 602:
Page 606:
Page 610:
Page 614:
Page 618:
9.7 Monitor and audit job creation
Page 622:
9.8 Be wary of SQL attachments in e
Page 626:
9.A Windows Trojans 295 [HKEY_LOCAL
Page 632:
298 Directive of Data Protection, t
Page 636:
300 10.1 Encrypting data-in-transit
Page 640:
Page 644:
Page 648:
Page 652:
Page 656:
310 Figure 10.3 No certificate erro
Page 660:
Page 664:
Page 668:
316 10.2 Encrypt data-at-rest Figur
Page 672:
318 10.2 Encrypt data-at-rest corpo
Page 676:
320 10.2 Encrypt data-at-rest DBMS_
Page 680:
322 10.2 Encrypt data-at-rest secur
Page 684:
324 10.A Tapping into a TCP/IP sess
Page 688:
326 10.A Tapping into a TCP/IP sess
Page 692:
328 11.1 The alphabet soup of regul
Page 696:
Page 700:
Page 704:
Page 708:
336 11.2 Understand business needs
Page 712:
338 11.2 Understand business needs
Page 716:
340 11.3 The role of auditing Figur
Page 720:
342 11.3 The role of auditing Figur
Page 724:
344 11.4 The importance of segregat
Page 728:
346 11.4 The importance of segregat
Page 732:
348 11.6 Summary 11.6 Summary logs
Page 736:
350 12.1 Audit logon/logoff into th
Page 740:
352 12.1 BEGIN insert into user_log
Page 744:
354 12.2 Audit sources of database
Page 748:
356 Figure 12.4 Viewing client sour
Page 752:
358 12.4 Audit DDL activity that ma
Page 756:
360 12.5 Audit database errors do n
Page 760:
362 12.6 Audit changes to sources o
Page 764:
364 12.7 Audit changes to privilege
Page 768:
Page 772:
Page 776:
370 12.9 Audit changes to sensitive
Page 780:
372 12.10 Audit SELECT statements f
Page 784:
374 12.12 Summary 12.12 Summary aud
Page 788:
376 13.2 Opt for an independent/bac
Page 792:
378 Figure 13.1 Auditing by inspect
Page 796:
380 Figure 13.3 Auditing by inspect
Page 800:
382 13.5 Secure auditing informati
Page 804:
384 13.6 Audit the audit system the
Page 808:
386 13.8 Thinks in terms of a data
Page 812:
388 13.10 Support changing audit re
Page 816:
390 13.11 Prefer an auditing archit
Page 820:
392 13.A PGP and GPG ing files and
Page 824:
394 13.A PGP and GPG After generati
Page 830:
Index Access administration errors,
Page 834:
proxy, 198 as security model basis,
Page 838:
See also Encryption Data mapping, 3
Page 842:
key pair creation, 392-94 popularit
Page 846:
Microsoft Data Engine (MSDE), 110,
Page 850:
Organization, this book, 6 Outbound
Page 854:
Sarbanes-Oxley Act (SOX). See SOX S
Page 858:
passwords, changing, 105 Query Anal
Page 862:
environment usage, 88 hardware, 89
show all

Implementing Database Security and Auditing: Includes ... - ADReM

Create successful ePaper yourself

Delete template?

Save as template?