Your Company is designing and developing a number of databases for a stock exchange. One of the
databases will contain highly sensitive data for which high level of security will be required. Although high
processing speed is one of the prime requirements of the customer, for this database, security of the data will
take priority over the processing speed. It needs to be ensured that even if unauthorized access to the
database is obtained, the rogue user is unable to read the data. Which of the following protection techniques
will you suggest for this database?
A.
Authentication
B.
Encryption
C.
Native auditing
D.
Integrity controls
Explanation:
According to the question, the database contains highly sensitive data and that needs to be protected from
being read by a rogue user even if he is able to access database un-authoritatively. In order to accomplish this
task, you should suggest applying encryption over the database. Encryption provides an additional security
layer, protecting the data from unauthorized viewing with the help of an algorithm called cipher. Evenif access
to the database is obtained, it will not be easy todecipher encrypted data into a readable form.
Answer A, D, and C are incorrect. These techniques will not help in protecting the data, in case a rouge user
has unauthorized access to the database.