Your Company is designing and developing a number of databases for a stock exchange. One of the
databases will contain highly sensitive data for which high level of security will be required. Although
high processing speed is one of the prime requirements of the customer, for this database, security
of the data will take priority over the processing speed. It needs to be ensured that even if
unauthorized access to the database is obtained, the rogue user is unable to read the data. Which of
the following protection techniques will you suggest for this database?
A.
Authentication
B.
Encryption
C.
Native auditing
D.
Integrity controls
Explanation:
According to the question, the database contains highly sensitive data and that needs to be
protected from being read by a rogue user even if he is able to access database un-authoritatively. In
order to accomplish this task, you should suggest applying encryption over the database. Encryption
provides an additional security layer, protecting the data from unauthorized viewing with the help of
an algorithm called cipher. Even if access to the database is obtained, it will not be easy to decipher
encrypted data into a readable form.
Answer A, D, and C are incorrect. These techniques will not help in protecting the data, in case a
rouge user has unauthorized access to the database.
Database activity monitoring (DAM) is a database security technology for monitoring and analyzing database activity that operates independently of the database management system (DBMS) and does not rely on any form of native (DBMS-resident) auditing or native logs such as trace or transaction logs