Database Security Certification

Complete Package To Make Experts in Database Security

Computer networks are built to support business functionality and beyond communication the result of business is data. The data important to your business is your company's digital assets; it needs organization, maintenance and above all protection from malicious attackers. The modern corporate enterprise contains database solutions used to take care of data. Ensuring that this data doesn’t get into the hands of unauthorized employees, means that you need to recognize and secure it from this threat. The evolution of security training has shown us that the most effective way to learn about security is by learning from the people that know how to attack your systems. By understanding the threat from the attacker's perspective, you can develop effective assessment methodologies and ultimately secure what really matters from ever increasing threat.

Why should you attend this course?

Upon completing this course, delegates should be able to understand:

  • The fundamental concepts behind database systems
  • Key components within a database deployment
  • The integration of databases into business solutions
  • The process of thorough database assessment, including tools and methodologies
  • Techniques used by hackers to exploit database flaws and vulnerabilities
  • Practical assessment and attack vector considerations, through hands-on experience

Who should attend this course?

Internal security teams, database administrators and security consultants concerned with the insecurity of database systems, the exposure they have to network and data compromises, and assessment techniques used to close security holes.

Course Contents

Oracle

  • Module 1: Background
  • Module 2: Introduction to Oracle 9i
  • Module 3: Oracle 9i and Internet
  • Module 4: Advanced security features
  • Module 5: Unix
  • Module 6: Windows
  • Module 7: Version
  • Module 8: Installed software
  • Module 9: VGA parameters
  • Module 10: DB security configuration parameters
  • Module 11: Listing of all users
  • Module 12: Useful views
  • Module 13: Profiles
  • Module 14: Password and account parameters
  • Module 15: Weak and default passwords
  • Module 16: System and object privileges
  • Module 17: Listing of all users and roles
  • Module 18: Listing privileges granted to users and roles
  • Module 19: Auditing privileges
  • Module 20: Cascading privileges
  • Module 21: Roles with passwords and default roles
  • Module 22: Building Application Security into the database
  • Module 23: Advanced Security Features
  • Module 24: SQL Plus Security
  • Module 25: Database Links
  • Module 26: Auditing Oracle Built-in Auditing
  • Module 27: Oraping
  • Module 28: Listener Security checker
  • Module 29: ISS Database scanner
  • Module 30: Security Enhancements
  • Module 31: Concept of VPD
  • Module 32: Encryption mechanism

SQL Server 2008

  • Module 33: SQL Server Security Architecture
  • Module 34: Operating System Security
  • Module 35: SQL Server Accounts
  • Module 36: Closing unnecessary services
  • Module 37: Gathering information
  • Module 38: SQL Server Authentication modes
  • Module 39: SQL Configuration parameters
  • Module 40: Patch levels
  • Module 41: Sp_configure parameters
  • Module 42: Scheduled jobs
  • Module 43: Extended and stored procedures
  • Module 44: Permission on procedures
  • Module 45: Privileges granted to roles and users
  • Module 46: Privileges with GRANT option
  • Module 47: List of SQL logins
  • Module 48: Users for each database
  • Module 49: Default databases
  • Module 50: Windows authenticated users
  • Module 51: Weak passwords
  • Module 52: The sa account
  • Module 53: Gather list of roles
  • Module 54: Pre-defined roles
  • Module 55: List users within roles
  • Module 56: Backups and disaster recovery

Tools

  • OSScanner
  • Tnscmd
  • Sidguess
  • ADS
  • Checkpassword
  • Scuba

Ethical Hacking Training

This course goes deep down into depths of networking, systems, web applications, actual exploitation & helps beginners to take their confident first step towards information security field.

  • 6 Weeks Comprehensive Training
  • Built by Experienced Professionals
  • Regularly update on tools, techniques in course content