Database Security

1) Why is it important to document the process of managing user accounts (creating, altering and removing privileges, e.g.) ?

a) Provide administrative consistency

b) Possible legal issue. Create accounts of who you were authorized to do so.

c) All of the above

2) Oracle provides options to authenticate by password, externally or globally. Which is the one most commonly used in Oracle ?

a) By password

b) Externally (by operating system)

c) Globally

3. This option is more frequently used by MS-SQL Server, where OS vendor and DBMS vendor are the same.

a) By password

b) Externally (by operating system)

c) Globally

4. This option is more appropriate for large Distributed Databases (1 logical Database, many physical databases).

a) By password

b) Externally (by operating system)

c) Globally

5. Kerberos (third party authentication tool created at MIT) could be used with this option.

a) By password

b) Externally (by operating system)

c) Globally

6. A tablespace is the grouping together of tables and other objects by category. Examples: system tablespace, users tablespace, temporary tablespace, read-only tablespace. This grouping together may improve:

a) Performance

b) Security

c) Admin. Tasks. Make maintenance easier

d) All of the above.

7. The following object represents privileges that may be granted to a group of users?

a) Roles

b) Profiles

c) Views

d) All of the above

8. The following object represents limitation of database resources that may be assigned to a group of users?

a) Roles

b) Profiles

c) Views

d) All of the above

9. This feature is not available in many DBMSs, such as MS-SQL Server.

a) Roles

b) Profiles

c) Interactive SQL

d) All of the above

10. If a system is too slow and you work in a large organization with many users and many applications using a database. A good and quick action to do in order to discover why the system is slow may be:

a) Examine individual application programs

b) type in SET SPEED TO MAX at the SQL prompt.

c) Reduce every users resources to a limited amount through PROFILE.

11. Most DBMS can be accessed through GUI as well as through SQL. Most DBAs use both GUI and SQL to manage the database. Since GUI is usually quicker for the DBA, why do we need to learn SQL ?

a) SQL is standard for all DBMS, while GUI varies from product to product.

b) Everything you can do with GUI, you can do with SQL and the inverse is not true.

c) All of the above

12. What is the easiest way to hack into an Database

a) Use SQL injection techniques

b) Use Wireshark to capture data coming into and out of the database

c) Use cryptanalysis techniques to decrypt all of the data

d) Set up a program that captures the keystrokes of users typing in their passowords

e) Use a default userid with a default password

13. Scripts such as Pete Finnigan that test the strength of database accounts, that identify default users and/or default passwords, and that test users who have too many privileges.

a) Should be downloaded off the web and used immediately

b) DBA should test it in a trial database. If possible, make a full copy of the working database. Dont test them in a production database. You dont know the source and even if the source is reliable, there could be an error in the code.

14. If an employee is fired from a company, a quick action that a DBA can do without getting administrative approval is to:

a) Drop the user account

b) Disable the user account

c) Create a remote account for the user to use.

15. If you run a script with user scott and detected that the user has a weak password, what may be an interesting command to do with the users account ?

a) ALTER USER scott ACCOUNT LOCK -- lock a user account

b) ALTER USER scott ACCOUNT UNLOCK;

c) ALTER USER scott PASSWORD EXPIRE; -- Force new pwd

16. The name of the database views (METADATA) that contain security information

a) Is the same from product to product (such as Oracle, mySQL, DB2)

b) It is totally different from product to product the name as well as the way it is accessed.

c) The names will be different, but they are accessed the same way. Metadata is stored in tables (on most DBMS products) just like the data.

17. In a real production database

a) It is important to change default passwords, but we should always keep the default users. They are essential for managing the system.

b) Default users as well as default passwords, may weaken security. instead of a user called root or SYSTEM, it is better to create another user and GRANT the user system privileges.

18) This middleware is the oldest & widely used technology (used in lab).

a) ODBC

b) OLE-DB

c) JDBC

d) ADO

19) This middleware is for accessing Relational Database only

a) ODBC

b) OLE-DB

c) JDBC

d) ADO

20) This middleware represents a GUI layer on top of OLE-DB

a) ODBC

b) CORBA

c) JDBC

d) ADO

21) External connections to database through ODBC, and other middleware as well as through the SQL CREATE LINK command offers is an outstanding feature in modern databases and allows us to be more productive transferring and linking data. However, this easiness also results in the possibility of:

a) A malicious user establishing a connection

b) A user with good intention modifying the database directly through MS-Access or MS-Excel in an environment that has little or no data validation, as opposed to an application program that there is should be more data validation.

c) All of the above

22) When we Link MS-Access to Oracle and modify the Linked data in Microsoft Access. Assuming the data is committed in MS-Access, , Does the data in Oracle changes ?

a) YES

b) NO

23) When we Import MS-Access from Oracle and modify the Imported data in Microsoft Access. Assuming the data is committed in MS-Access, , Does the data in Oracle changes ?

a) YES

b) NO

24) When we Link MS-Access to Oracle and modify the Linked data in Oracle,. Assuming the data is committed in Oracle, can the modified data be viewed in MS-Access ?

a) YES

b) NO

25) As long as your Database is well secured, it is not important to secure the Operating System or the Network associated to the Database.

a) True

b) False