By Diana.H. Gray-Oracle on Apr 20, 2015
Written by Maria Billings, Senior Principal Curriculum Developer
Do you want to advance your career, but never know beforehand when you might have time for training?
Try Oracle University’s Training On Demand or TOD curriculum. You can watch recorded classroom and hands-on sessions in smaller or larger increments as it fits into your schedule.
For Database Vault
- Do you sometimes need to prove that you couldn't possibly have seen confidential information, although you are a highly privileged DBA?
- Did you know that the Oracle Database 12c has a Database Vault option already installed, ready to be enabled, if your organization decides to use it?
- What is Database Vault?
Vault TOD Training
is composed of several components, including realms, rule sets, command rules,
secure application roles and factors that can be highly customized or simply
used out-of-the box.
A realm, for example, is a zone of protection for tables, roles, and packages. A realm protects the objects in it from users exercising system privileges, such as SELECT ANY TABLE. So, any such privileged user must be defined as a realm participant (or have a realm-participating role that is granted to him or her) to access the protected objects.
If you are not a realm participant or owner, you can show that a query of a realm-protected table will result in the "ORA-01031: insufficient privileges" error. In short, you can prove you couldn't have possibly seen the confidential content.
The course "Using Oracle Database Vault with Oracle Database 12c" TOD training goes into all the necessary details to show you:
- How to reduce the attack surface for potential security breaches through limiting privileges.
- How to perform security analysis and report security vulnerabilities.
- How to configure and maintain Database Vault elements.
- How to implement best practices, which begins by identifying YOUR security requirements.
You can then see samples of building and documenting security implementations, and you view or discuss sample use cases, such as the workflow of an application DBA, dual key security, dynamic auditing, and so on.