data application w6

Swamped with your writing assignments? We'll take the academic weight off your shoulders. We complete all our papers from scratch. You can get a plagiarism report upon request just to confirm.


Order a Similar Paper Order a Different Paper

Week 6 Written Assignment C2 Security Auditing on SQL Server

If you need your SQL server to maintain a detailed audit trail, then the C2 audit option may be a good choice. However, you might have to consider few things before configuring it to be sure that you don’t have some issues over time.

You are required to complete BOTH Part A and Part B of the assignment.

Part A

Please write short essay answers discussing the following questions:

  • What is the difference between C2 Audit Tracing and Server Audit?
  • What information will the C2 audit capture on the SQL server?
  • What are some of the considerations before implementing the audit trace such as resources and impacts?

Part B Lab Auditing

Phase 1 Implementing Oracle Fine-Grained Auditing (FGA)

In a previous lab, you have created DBSEC user and CUSTOMER table.

In this lab, you will implement a FGA case. The CUSTOMER table will be the one you created on the previous lab. Your task is to design and implement the following auditing functions on the CUSTOMER table.

  • Track all “SELECT” activities on the CUSTOMER table, including database user, operating system user, and time when the operation is performed.
  • Track the changes when CREDIT_LIMIT is set to a value above $5,000.
  • Track the CUSTOMER table when a customer record was deleted.

You need to generate one SQL script file to perform all the following tasks:

  • Add a policy to implement audit task 1 (SELECT). The policy will be named as AUDIT_POLICY_1_SELECT.
  • Add a policy to implement audit task 2 (CREDIT_LIMIT). The policy will be named as AUDIT_POLICY_2_CREDIT.
  • Add a policy to implement audit task 3 (DELETE on CUSTOMER table). The policy will be named as AUDIT_POLICY_3_DELETE.
  • Turn on the audit function.
  • Connect to user DBSEC, and perform the following DML functions for testing purpose:
  • Show the audit trail including when and who has used/modified the CUSTOMER table.
  • Roll back the above change.

SELECT CUSTOMER_ID, FIRST_NAME,LAST_NAME,CREDIT_LIMIT
FROM customer
WHERE CUSTOMER_ID=201340;

UPDATE customer SET
CREDIT_LIMIT=2500000
WHERE CUSTOMER_ID=201340;

DELETE from CUSTOMER WHERE CUSTOMER_ID=201340;

Tips:

  • You may use a drop user statement to refresh your database and enable testing. Then, you need to recreate your CUSTOMER table. But, it is not required as a part of this project.
  • When you need to connect to SYSTEM user, please use a syntax so that it will ask the user to type the password. A typical example will be: “connect system;”

Phase 2

  • Using an Oracle select an existing user and audit all its activities.

Using Oracle:

Step #1: Connect as SYSTEM and make sure that the following parameters are set:

SQL> show parameter aud

NAME TYPE VALUE

———————————— ———– —–

audit_sys_operations boolean TRUE

audit_trail string DB

Step #2: Issue audit statement as follows:

AUDIT ALL BY DBSEC_CLERK

Step #3: Connect as DBSEC_CLERK and perform one DDL and DML statement.

Step #4: Connect as SYSTEM and retrieve the content of DBA_AUDIT_TRAIL.

Submission Requirement:

The SQL script files will be required and the screen capture of the lab completed steps

Writerbay.net

We offer CUSTOM-WRITTEN, CONFIDENTIAL, ORIGINAL, and PRIVATE writing services. Kindly click on the ORDER NOW button to receive an A++ paper from our masters- and PhD writers.

Get a 10% discount on your order using the following coupon code SAVE10


Order a Similar Paper Order a Different Paper