Assignment
1. Write at least 500 words analyzing a subject you find in this article related to a threat to confidentiality, integrity, or availability of data. Use an example from the news. Cite your source.
Reply to two classmates' posting in a paragraph of 4 or 5 sentences by asking questions, reflecting on your own experience, challenging assumptions, pointing out something new you learned, offering suggestions. You should make your initial post by Thursday evening so your classmates have an opportunity to respond before Sunday.at midnight when all three posts are due.
It is important that you use your own words, that you cite your sources, that you comply with the instructions regarding length of your post and that you reply to two classmates in a substantive way (not 'nice post' or the like). Your goal is to help your colleagues write better. Do not use spinbot or other word replacement software. It usually results in nonsense and is not a good way to learn anything. Do not use attachments unless requested.
2. Discuss sqlmap, an automated tool for sql injection and database takeover in 500 words or more. How does it work? Where do you get it? How much does it cost? Who developed it? For what purpose? Are there other 'tools' like this available? Respond to two posts with questions, experiences, critiques, or suggestions
3. In 250 words or more, discuss the risk and costs of compromised data integrity breaches. Focus on integrity not confidentiality. Look at military, education, science, medicine, finance, utilities, municipalities, etc.
4. Discuss, in your own words using 250 words or more, the relationship between users and roles in databases. Explain why we use roles rather than simply assigning rights and privileges to each individual user.
5. Read five articles and dDiscuss the principle of least privilege in at least 250 words. Explain how this principle impacts data security.
6. Discuss, in 500 words, how you would advise your current employer to use encryption to reduce the vulnerabilities of their data at rest, in use, and in transit (or in motion). Identify at what points you think their data is at the highest risk.
7. Discuss in 500 words, how much redaction is necessary to anonymize an electronic health record. Is it enough to redact the name? The name and address? Is a medical record like a finger print?
8. Discuss in 500 words or more why Oracle 12c has introducted two new roles - AUDIT_ADMIN and AUDIT_VIEWER. Include a discussion of what database auditing is and what it does.
9. Describe in 500 words or more how DAM increases security and how it differs from auditing.
10. Describe in 500 words the critical business functions, the disaster recovery plan, and who is responsible at your place of employment.
11. Considering that some people seem willing to post just about any personal data on the Internet, how reasonable do you feel that the HIPAA rules for database security and the penalties for violations are? Please write 750 words showing your understanding of HIPAA compliance rules.
12. In 500 words or more, explain PCI compliance to the database administrator at a large retailer.
13. Discuss SOX in 500 words or more. How do logging and separation of duties help comply with SOX? How might database auditing and monitoring be utilized in SOX compliance? How can a dba use automation to comply with SOX frameworks?
14. Discuss in 500 words or more the relationship between NIST and FISMA.
15. Discuss in 500 words or more the use of blockchain for the protection of medical, financial, or educational records.
16. Discuss your experience at this term's Residency.
How was your presentation received by the audience?
Briefly comment on at least two other student presentations.
Read and respond to at least two other students posts.
Post your initial response by the end of day on Thursday and reply to at least two other students by the end of day on Sunday.
The response should include a reference list. Double-space, using Times New Roman 12 pnt font, one-inch margins, and APA style of writing and citations.