Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect...
-
Upload
braiden-bowling -
Category
Documents
-
view
213 -
download
1
Transcript of Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect...
![Page 1: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/1.jpg)
Miss Scarlet with a lead pipe, in the library
![Page 2: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/2.jpg)
•Players: 3 to 6•Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope, one die, pad of detective notebook sheets.•Goal: To correctly name the murderer, murder weapon, and murder location.
•Setup - Sort the cards by type and shuffle each pile face-down. Without looking, take one suspect card, one weapon card, and one room card, and slide them into the secret envelope.
Cluedo - the game
![Page 3: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/3.jpg)
Cluedo - the tools
![Page 4: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/4.jpg)
Deon Roos
Enterprise Architect
Oracle Corporation South Africa
![Page 5: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/5.jpg)
![Page 6: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/6.jpg)
Developer End User Power UsersQuality
Assurance
Pro
d
De
v, Q
A,
Te
st
Re
po
rt
Se
rve
r
Storage Storage
•Sys Admin•Network Admin•Storage Admin•DBA
HW Vendor
Backup Server
hAck3rs
![Page 7: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/7.jpg)
Database Defense-in-Depth
Access Control
• Oracle Database Vault
• Oracle Label Security
• Oracle Advanced Security
• Oracle Secure Backup
• Oracle Data Masking
Encryption and Masking
Auditing and Monitoring
• Oracle Audit Vault
• Oracle Configuration Management
• Oracle Total Recall
• Oracle Database Firewall
Blocking and Logging
Encryption & Masking
Access Control
Auditing & Monitoring
Blocking & Logging
![Page 8: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/8.jpg)
Database Defense-in-Depth
Access Control
• Oracle Database Vault
• Oracle Label Security
• Oracle Advanced Security
• Oracle Secure Backup
• Oracle Data Masking
Encryption and Masking
Auditing and Monitoring
• Oracle Audit Vault
• Oracle Configuration Management
• Oracle Total Recall
• Oracle Database Firewall
Blocking and Logging
Encryption & Masking
Access Control
Auditing & Monitoring
Blocking & Logging
![Page 9: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/9.jpg)
Developer End User Power UsersQuality
Assurance
Pro
d
De
v, Q
A,
Te
st
Re
po
rt
Se
rve
r
Storage Storage
•Sys Admin•Network Admin•Storage Admin•DBA
HW Vendor
Backup Server
SSL
hAck3rs
![Page 10: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/10.jpg)
Database Defense-in-Depth
Access Control
• Oracle Database Vault
• Oracle Label Security
• Oracle Advanced Security
• Oracle Secure Backup
• Oracle Data Masking
Encryption and Masking
Auditing and Monitoring
• Oracle Audit Vault
• Oracle Configuration Management
• Oracle Total Recall
• Oracle Database Firewall
Blocking and Logging
Encryption & Masking
Access Control
Auditing & Monitoring
Blocking & Logging
![Page 11: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/11.jpg)
Developer End User Power UsersQuality
Assurance
Pro
d
De
v, Q
A,
Te
st
Re
po
rt
Se
rve
r
Storage Storage
•Sys Admin•Network Admin•Storage Admin•DBA
HW Vendor
Backup Server
SensitiveSensitive
ConfidentialConfidential
PublicPublic
hAck3rs
![Page 12: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/12.jpg)
Database Defense-in-Depth
Access Control
• Oracle Database Vault
• Oracle Label Security
• Oracle Advanced Security
• Oracle Secure Backup
• Oracle Data Masking
Encryption and Masking
Auditing and Monitoring
• Oracle Audit Vault
• Oracle Configuration Management
• Oracle Total Recall
• Oracle Database Firewall
Blocking and Logging
Encryption & Masking
Access Control
Auditing & Monitoring
Blocking & Logging
![Page 13: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/13.jpg)
Developer End User Power UsersQuality Assurance
Pro
d
De
v, Q
A,
Te
st
Re
po
rt
Se
rve
r
Storage Storage
•Sys Admin•Network Admin•Storage Admin•DBA
HW Vendor
Backup Server
Auditing vault
hAck3rs
ConfigurationManagement& Audit
VulnerabilityManagement
Fix
Analysis &Analytics
Prioritize
PolicyManagement
AssessClassify MonitorDiscover
AssetManagement
![Page 14: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/14.jpg)
`
![Page 15: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/15.jpg)
Why Audit?
• Compliance Mandates It– SOX, PCI-DSS, HIPAA …..
• Your auditor told you to do it• You don’t want to end up in the news• Maintain customer trust
![Page 16: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/16.jpg)
• Detective controls– Monitor privileged application user accounts for non-compliant
activity – trust but verify– Audit non-application access to sensitive data (credit card,
financial data, personal identifiable information, etc)– Verify that no one is trying to bypass the application security
controls– Line items are changed in order to avoid business processes
and approvals
• Cost of compliance– Eliminate costly and complex scripts for reporting– Reduce reporting costs for specific compliance audits
Business drivers
![Page 17: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/17.jpg)
• Statement Auditing
• Statement auditing audits SQL statements by type of statement, not by the specific schema objects on which the statement operates
• Data definition statements (DDL). • Data manipulation statements (DML).
• Object Auditing
• Schema object auditing is the auditing of specific statements on a particular schema object.
• Privilege Auditing
• Privilege auditing is the auditing of SQL statements that use a system privilege. You can audit activities of all database users or of only a specified list of users.
Standard Auditing
![Page 18: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/18.jpg)
●●●●●●Failed Logins
Do you have visibility of failed logins and other exception activities?
●●●●●●Accounts, Roles & Permissions
Do you have visibility of GRANT and REVOKE activities?
●
●
●
FISMA
●
●
●
●
Basel II
●●●●Privileged User Activity Do you have visibility of users activities?
●●●●
Schema ChangesAre you aware of CREATE, DROP and ALTER Commands that are occurring on identified Tables / Columns?
●Data Changes
Do you have visibility into Insert, Update, Merge, Delete commands?
●●●Access to Sensitive Data
Can you have visibility into what information is being queried (SELECTs)?
GLBAHIPAAPCI DSS
SOXDatabase
Audit Requirements
What do you need to audit?
Health Insurance Portability Account Act - Federal Info Sec Man Act – Gramm-Leech-Bliley Act
![Page 19: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/19.jpg)
Siebel
MS SQL Server 2000, 2005, & 2008
SybaseASE 12.5.4 - 15.0.x
HCM
Audit DataAudit Data
PoliciesPolicies
Built-inReportsBuilt-inReports
AlertsAlerts
CustomReportsCustomReports
!
AuditorAuditor
•Various DB sources•Adapters for packaged applications
•Various DB sources•Adapters for packaged applications
Oracle
DB28.2 - 9.5 on Linux,
Unix, Windows
•Easy to use reports•Central provisioning of policies•Meet compliance reporting•Proactive – alerts & notifications (SMS/email)•Pre-defined & custom reports
•Easy to use reports•Central provisioning of policies•Meet compliance reporting•Proactive – alerts & notifications (SMS/email)•Pre-defined & custom reports
AA
Encryption in
transitE
ncryption in transit
•Audit warehouse•Secured audited data•Segregation of duties•Completeness of audit•Encryption at rest•Consolidated auditing•Performance & scalability
Oracle Audit Vault Automated Activity Monitoring & Audit Reporting
![Page 20: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/20.jpg)
Default reports
![Page 21: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/21.jpg)
Out of the box - Compliance reports
![Page 22: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/22.jpg)
Database Defense-in-Depth
Access Control
• Oracle Database Vault
• Oracle Label Security
• Oracle Advanced Security
• Oracle Secure Backup
• Oracle Data Masking
Encryption and Masking
Auditing and Monitoring
• Oracle Audit Vault
• Oracle Configuration Management
• Oracle Total Recall
• Oracle Database Firewall
Blocking and Logging
Encryption & Masking
Access Control
Auditing & Monitoring
Blocking & Logging
![Page 23: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/23.jpg)
hAck3rsDeveloper End User Power UsersQuality
Assurance
Pro
d
De
v, Q
A,
Te
st
Re
po
rt
Se
rve
r
Storage Storage
•Sys Admin•Network Admin•Storage Admin•DBA
Backup Server
hack3rs
![Page 24: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/24.jpg)
oracle.com/database/security
search.oracle.com
database securitydatabase security
For more Information
![Page 25: Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,](https://reader037.fdocuments.us/reader037/viewer/2022110320/56649cab5503460f9496be35/html5/thumbnails/25.jpg)