Mark works as the Database Administrator for DataWorld Inc. The company has a SQL server 2008 database.
Mark wants to protect the database from unintended activities made by authorized individuals or processes
such as authenticated misuse, malicious attacks, orinadvertent mistakes. Which of the following should he use
to accomplish the task?
A.
Native auditing
B.
Abstraction
C.
Referential integrity
D.
Database security
Explanation:
Database security refers to the system, processes, and procedures that protect a database from unintended
activities, such as authenticated
misuse, malicious attacks, or inadvertent mistakes made by authorized individuals or processes.
Database security can begin with the process
of creating and publishing appropriate security standards for the database environment. These standards may
include specific controls for the
various relevant database platforms.
Answer B is incorrect. Abstraction is a method of coding that enables a user to focus on the coding rather than
the syntax for a specificdatabase API. A user can use generic methods to access a database. In order to perform database
abstraction, a user requires additional
code or libraries. The benefit of database abstraction is that it provides a uniform interface for database
access.
Answer A is incorrect. Native auditing is the process of extracting trails on a regular basis so that they can be
transferred to a
designated security system where the database administrators do not have access. This ensures a certain
level of segregation of duties and
provides evidence that the native audit trails werenot modified by authenticated administrators. Answer C is
incorrect. Referential integrity is a feature or property that prevents users or applications from entering
inconsistent data which, when satisfied, requires every value of one column of a table to exist as a value of
another column in a different or the same table.