Download lesson12

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
Document related concepts

Cross-site scripting wikipedia , lookup

Wireless security wikipedia , lookup

Mobile security wikipedia , lookup

Information privacy law wikipedia , lookup

Computer and network surveillance wikipedia , lookup

Security and safety features new to Windows Vista wikipedia , lookup

Data remanence wikipedia , lookup

Security-focused operating system wikipedia , lookup

Computer security wikipedia , lookup

Disaster recovery plan wikipedia , lookup

Unix security wikipedia , lookup

Cybercrime countermeasures wikipedia , lookup

Transcript 
Data Integrity
Lesson 12
Skills Matrix
Maintaining Data Integrity
• Maintaining data integrity is your most important
responsibility.
– Performing backups of all data on a regular
schedule as your first layer of defense.
– The time between the last backup and the
moment of disaster could involve some data
loss.
– You must work with your management to find
the acceptable loss rate, combined with the
investment rate to avoid the anticipated loss, to
maintain this goal.
Enforcing Organizational Security Policies
• The most important phase of maintaining
data integrity, and the effort demanding your
greatest attention, is the “watchdog” phase.
• You must constantly run baselines to check
for performance degradation and potential
data losses.
• You must constantly encourage users to use
safe practices.
Identifying Risk
1.
2.
3.
4.
Asset identification
Risk assessment
Threat identification
Vulnerability assessment
Understanding Forensic Requirements
• Evidence collection
• Evidence preservation
• Chain of custody
• Jurisdiction
Implementing Physical Security Measures
• Buildings and grounds
• Devices
• Communications
• Storage media
Planning and Education
• Creating a Business Continuity Plan (BCP)
• Creating a disaster recovery plan (DRP)
• Educating Users
Backup, Backup, Backup
• A backup and restoration process creates
your first line of defense against data loss.
• A backup copies your data to a store
somewhere other than on the mass storage
devices supporting your database, usually
on some type of tape media.
– You can also store a backup on a hard drive
on another computer connected over a local
area network (LAN).
Security Plan
• The first step in safeguarding any type of system must be
a good security plan:
– Type of users
– Fixed server roles
– Database access
– Type of access
– Group permissions
– Object creation
– Auditing
– Public role permissions
– Guest access
SQL Server’s Security Architecture
• Starting with SQL Server 2005, Microsoft
introduced the concepts of working with principles,
securables and permissions.
– Principle: An entity (such as a login, user, group,
or role) that can be granted access to a
securable resource.
– Securable: Entities that can be secured with
permissions.
– Permissions: A rule associated with an object to
regulate which users can gain access to the
object and in what manner.
Maintaining Data Integrity
• Principals are entities that can request SQL
Server resources.
• Principals are arranged in a hierarchy.
• The scope of influence of a principal
depends on the scope of the definition of the
principal: Windows, Server, Database, or
whether the principal is indivisible or a
collection
• Every principal has a security identifier (SID).
Principals
Qualified Name
• Every object in a database has a unique four
part fully qualified name in the form
InstanceName.DatabaseName.SchemaNam
e.ObjectName.
– This implies a server level, database level,
schema level, and object level hierarchy.
Qualified Name
• The four part SQL Server security architecture begins
with the InstanceName.
• SQL Server can be installed into multiple instances on
a single Windows operating system (OS) and hardware
platform.
• The default SQL Server installation assumes the name
of the OS platform and thus this four part naming
convention has been traditionally expressed as
ServerName.DatabaseName.SchemaName.ObjectName
• Within each of these four scopes exist securables.
Securables
Permissions
• Within each of these scopes exist
permissions.
• Permissions complete the security
architecture model.
• The permissions available for data
manipulation language (DML) securables.
Permissions Applicable to DML Securables
Summary
• This lesson examined the forethought and
planning that must be undertaken to
maintain data integrity.
– Don’t forget anything. Can a water pipe
rupturing flood your computer room?
– Test your recovery plan for every possible
disaster.
– Practice a database restore (to a different
spindle) to assure your procedures actually
work.
Summary
• SQL Server has a sophisticated security
system that allows you to carefully
implement your security plan.
Summary for Certification Examination
• Understand SQL Server’s security
architecture.
– Understand the concepts of permissions,
securables and principles.
Summary
• You can partition views in the same way you
can partition tables and for the same
reasons: store parts of your views on
different spindles or even different servers.
Related documents
mysql> show tables
mysql> show tables
SQL Server Administration
SQL Server Administration
Did You Know? SQL Server 2008 * [Feature]
Did You Know? SQL Server 2008 * [Feature]
here
here
transfer the PecStar database to a new server
transfer the PecStar database to a new server
Introduction to ASP.NET
Introduction to ASP.NET
Job Descriptions - Human Resources Department JOB GOAL
Job Descriptions - Human Resources Department JOB GOAL
Lecture 10 MS-SQL Server Basics
Lecture 10 MS-SQL Server Basics
Business Intelligence and Data Warehousing
Business Intelligence and Data Warehousing
Data Warehouse performance and maintenance
Data Warehouse performance and maintenance
Security Plans
Security Plans
Lecture 10 MS-SQL Server Basics
Lecture 10 MS-SQL Server Basics
lesson14
lesson14
MidRange Concepts - Fox Valley Technical College
MidRange Concepts - Fox Valley Technical College
Document
Document
by Bernard Iung, Agnès Cachier, Gabriel Baron, David Messika
by Bernard Iung, Agnès Cachier, Gabriel Baron, David Messika
Windows Server 2012 Dynamic Access Control Deep Dive for Active
Windows Server 2012 Dynamic Access Control Deep Dive for Active
Operating Systems (CS 3430/5430) Lecture 25 Name:___________________
Operating Systems (CS 3430/5430) Lecture 25 Name:___________________
Mark Boyer - Methods of securing data in window networks
Mark Boyer - Methods of securing data in window networks
MCITP Administrator: Microsoft SQL Server 2005 Database
MCITP Administrator: Microsoft SQL Server 2005 Database
Android Permissions User Guide
Android Permissions User Guide
CS21Lecture3
CS21Lecture3