PTR - People, Training ResultsPeople, Training, Results

Independent Technical IT Computer Training Courses

   

Security Course Index & Training Schedule


More Security Courses

Audit & Security of Networks CourseDesigning Security for Microsoft Networks CourseCISSP Fast Track CourseFirewall / VPN - Deployment and Implementation CourseSecurity for IT Practitioners CoursePenetration Testing CourseManaging Robust PKI Services CourseEthical Hacking and Countermeasures CourseEC-Council Security Analyst & Licensed Penetration Tester CourseCertificate in Information Security Management Principles (CISMP) CourseCertified Information Security Manager - CISM CourseCompTIA Security + CourseOracle Database Audit & Security Course


Late Availability Courses:

Training Course Subjects:

Applications Training Courses C Programming Courses C# Programming Courses Cisco Courses Citrix Courses CIW Courses CompTia Courses Database Courses Exchange Server Courses Fortran Courses Internet Courses ITIL Service Management Courses Java Courses Linux Courses Microsoft Courses Microsoft .NET Courses Microsoft Access Courses Microsoft Excel Courses Microsoft Outlook Courses Microsoft Powerpoint & Visio Courses Microsoft Project Courses Microsoft Server Products Courses Microsoft Word Courses Networking Courses Oracle Courses Perl Courses Programming Courses Security Courses SQL Courses SQL Server 2005 Courses SQL Server 2008 Courses Unix Courses VBA Courses Visual Basic Courses Visual Basic 2008 Courses Visual Studio Courses Visual Studio 2008 Courses Visual Studio 2010 Courses VMWare Courses Web Design Courses Windows Server 2003 Courses Windows Server 2008 Courses Windows 7 Courses Windows Vista Courses Windows XP Courses XML Courses

Online e-Learning Courses

Scheduled Classroom based Training Courses

Oracle Database Audit & Security Course

Download PDF course outline

Course Description

The course works on the principle that "if you have done it you will understand it". Therefore do expect this course to involve you a great deal in discussions, workshops and especially examination of the system hands on. By the end of the course you will be familiar with Oracle's client interface, the SQL*PLUS monitor and with simple SQL queries. In particular, you will come to understand the technical language surrounding Oracle and will gain immediate credibility talking to the experts you will inevitably have to work with. Furthermore, by understanding the technology, the descriptions of risk will become immediately understood.

This hands-on course is intended for auditors and security specialists who are aware their businesses use Oracle based products, but do not understand the database platform and therefore the risks it may carry. You will learn how Oracle is built and a concept of what the various categories of user do on the database and the risks they carry.

Hands on labs will show you how to scan the system for objects, especially sensitive tables. And to find out who can do what to them. Further more, in this age of web technology, the concept of the authenticated user accessing parts of your data is passing away. It could be anyone!

Covers Oracle 9i, 10g and 11g.
 £895

3 day course

Scheduled Dates:
11 January 2012
22 February 2012
11 April 2012
16 May 2012
27 June 2012

Location:
PTR's Training Centre
Wokingham, Berkshire.

Course pre-requisites:

Before coming on the course, delegates should feel confident inputting instructions on a command line and accessing files on a filing system. Some exposure to a database environment is useful.


Topics covered on the 3 day Oracle Database Audit & Security course

INTRODUCTION TO AUDIT & SECURITY

AUDIT & SECURITY

  • Security
  • Audit
  • Checklist-Based Auditing
  • Risk-Based Auditing
  • Audit Plan
  • DISA Database STIG
  • NIST

THE BIG PICTURE

  • Access Control
  • Intrusion Prevention
  • Intrusion Detection
  • Secure Data Storage
  • Secure Data Access

INTRODUCTION TO ORACLE

WHAT IS ORACLE?

  • Security Considerations
  • Audit Considerations

ORACLE BASIC ARCHITECTURE

THE PHYSICAL DATABASE

  • The Parameter File
  • The Control File
  • The Password File
  • The Network Configuration Files
  • The listener.ora File
  • The tnsnames.ora File
  • The sqlnet.ora File

THE INSTANCE

  • Licensing
  • Oracle Services
  • The Listener Service
  • The File System Locations
  • The Registry Keys
  • Environment Variables
  • Restricting Access to an Oracle Database
  • Client Connectivity
  • The tnsnames.ora File
  • The Listener Service
  • The listener.ora File
  • The sqlnet.ora File
  • Listener Security
  • Setup Valid Node Checking
  • Encrypting Connections to Oracle
  • Secure Sockets Layer
  • Hardware Security Modules (HSM)
  • Internet Protocol Security (IPSec)
  • Instance & Database Metadata
  • Dynamic Views
  • PFILE

THE LOGICAL DATABASE ARCHITECTURE

  • Database Objects
  • Ownership
  • Schemas
  • Oracle Language Settings

THE MANAGEMENT TOOLS

  • Enterprise Manager
  • sqlplus
  • sqlldr
  • exp & imp
  • rman
  • expdp & impdp

ORACLE LOGS

  • The Alert Log
  • Trace Files
  • User Session Tracing

ORACLE SECURITY COMPLIANCE

ORACLE CONFIGURATION

  • Enterprise Manager
  • Sqlplus
  • Oracle Network Manager
  • Database Configuration Assistant
  • Instance Wide Security Settings
  • Initialization Parameters

STORAGE MANAGEMENT

  • Configuration .ora Files
  • Alert Log & Trace Files
  • ORACLE_HOME Directory
  • Admin Directory
  • The diag directory
  • Data Files
  • Tablespaces
  • The Redo Logs
  • Storage Fault Tolerance
  • Archive Destinations
  • Backup Images
  • Importing And Exporting Data
  • sqlplus
  • sqlldr
  • Imp & exp
  • expdp & impdp
  • Back Ups and Restores
  • Redo Log Architecture
  • Controlfile Backup
  • Recovery manager (RMAN)
  • Security Consideration for Backup & Restore

USER SECURITY

  • Schemas
  • Default User Accounts
  • The SYS User
  • The SYSTEM User
  • The SYSOPER Role
  • The SYSDBA Role
  • Connecting as SYSDBA or SYSOPER
  • Operating System Authentication
  • Oracle Password Authentication
  • Granting SYSOPER and SYSDBA privileges to Other Users
  • Creating User Accounts
  • Global Authentication
  • N-Tier Authentication
  • Proxy Authentication
  • Database Roles
  • Oracle System Privileges
  • Statement Privileges
  • GRANT & REVOKE Statements

PROFILES

  • Password Complexity Function
  • Changing Passwords
  • Sample UTLPWDMG.SQL Script

VIRTUAL PRIVATE DATABASE

  • DBMS_RLS Procedures
  • Restricting Access Through SQL
  • The SYS_CONTEXT Function
  • Restricting Access Through Fine Grained Access Control

ORACLE LABEL SECURITY

  • Oracle Label Security Policies
  • Data Labels
  • User Labels
  • Security Clearance Components
  • User Privileges
  • Enforcement Options
  • Default Row Level

ORACLE ENCRYPTION

  • Oracle Internet Directory
  • Information Security
  • Transparent Data Encryption
  • Backing Up Encryption Keys & Wallets
  • Tablespace Encryption

HARDWARE SECURITY MODULES (HSM)

  • Implementing Hardware Security Modules

ENCRYPTION PACKAGES

  • DBMS_OBFUSCATION_TOOLKIT
  • DBMS_CRYPTO

ORACLE SECURITY PRODUCTS AND FEATURES

HIGH AVAILABILITY

APPLICATION DEVELOPMENT

  • Stored Program Privileges
  • Sql Injection

ORACLE AUDITING

  • Data Dictionary Views
  • The Audit Statement
  • The Audit Data Dictionary Views
  • DML Triggers
  • Event Triggers
  • Fine Grained Auditing
  • Other Auditing Techniques

THREATS & VULNERABILITIES

  • Process Threats And Vulnerabilities
  • Platform Threats And Vulnerabilities
  • Authentication Threats And Vulnerabilities
  • Programming Threats And Vulnerabilities
  • Data Access Threats And Vulnerabilities

Course Classification:  Technical Training Course

This is an instructor led training course taught in a classroom based environment.

Course Fee = £895   (excl.VAT)



Scheduled course dates

11 January 2012 to 13 January 2012

22 February 2012 to 24 February 2012

11 April 2012 to 13 April 2012

16 May 2012 to 18 May 2012

27 June 2012 to 29 June 2012



View full schedule of Network Security courses

View full schedule of Generic courses

View full schedule of Oracle 9i Security courses

Print / Download PDF Version of full course schedule

If you would prefer to run this course at your premises as you have several employees to place on the course perhaps, then we are also able to offer onsite Oracle Training and bespoke Oracle courses