Homework - Auditing Oracle DB Objects
Overview: This homework provides an opportunity for the student to create Oracle 12c audit policies to help better secure sensitive data stored in Oracle database tables.
Assignment: Using the information and examples provided in the readings for weeks 7 and 8, create a test user and associated policies and test scenarios to audit the test user against the following privileges (available in the system_privilege_map Oracle 12c object):
1. Create Any Table
2. Drop Any Table
3. Create User
4. Drop User
5. Update Any Table
The following is some additional guidance, along with requirements and hints for this assignment:
a. Create a test user named SDEV350User with access to unlimited space on the user's tablespace.
b. Allow the SDEV350User to be able to create sessions, create any table, drop any table, create users, drop user, and update any table.
c. Create policies for each of the 5 possible privileges.
d. Create test scenarios (e.g. SQL scripts that you can run) that will demonstrate the audit of the specific privileges is taking place.
e. Provide the specific results of running the test scenarios and explain the output of each query.
f. Discuss how this type of audit policy could help protect the integrity of the database.
g. Provide detailed, step-by-step instructions on how to run your SQL scripts and test scenarios.
Be sure your SQL scripts work perfectly and your supporting documentation is neat, well-organized and well-written.
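The pattern for one of the five privileges (Create Any Table), from user setup through reading the audit record, as an added example that is not part of the original assignment. It assumes unified auditing, a SQL*Plus session on a non-CDB or pluggable database, and the USERS tablespace; the policy name, table name and password are constructed placeholders.

```sql
-- === Run as SYS ===
CONNECT sys AS SYSDBA

-- Test user with unlimited quota (USERS tablespace is an assumption).
CREATE USER SDEV350User IDENTIFIED BY "Placeholder_Pw_1"
  DEFAULT TABLESPACE users QUOTA UNLIMITED ON users;

GRANT CREATE SESSION, CREATE ANY TABLE, DROP ANY TABLE,
      CREATE USER, DROP USER, UPDATE ANY TABLE
  TO SDEV350User;

-- One policy per privilege; this one covers CREATE ANY TABLE only.
-- Policy name is a constructed placeholder.
CREATE AUDIT POLICY sdev350_create_any_table_pol
  PRIVILEGES CREATE ANY TABLE;

-- Enable the policy for the test user only, not database-wide.
AUDIT POLICY sdev350_create_any_table_pol BY SDEV350User;

-- Confirm the policy is enabled before testing.
SELECT user_name, policy_name, enabled_opt, success, failure
FROM   audit_unified_enabled_policies
WHERE  policy_name = 'SDEV350_CREATE_ANY_TABLE_POL';

-- === Run as SDEV350User (test scenario) ===
CONNECT SDEV350User

-- The only table-creation privilege this user holds is CREATE ANY TABLE.
CREATE TABLE audit_demo (id NUMBER);

-- === Run as SYS (review the audit trail) ===
CONNECT sys AS SYSDBA

-- In queued-write mode, records may still be in memory; flush them first.
EXEC DBMS_AUDIT_MGMT.FLUSH_UNIFIED_AUDIT_TRAIL;

SELECT event_timestamp, dbusername, action_name,
       system_privilege_used, object_schema, object_name,
       unified_audit_policies
FROM   unified_audit_trail
WHERE  dbusername = 'SDEV350USER'
AND    unified_audit_policies LIKE '%SDEV350_CREATE_ANY_TABLE_POL%'
ORDER  BY event_timestamp;
```

If the final query returns no rows, check that the policy appears in audit_unified_enabled_policies and that the audit trail was flushed before querying.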
Deliverables:
1. Create a Word or PDF document that describes your process, steps and results. Be sure to describe your schema and the queries you are using for your application. Provide screenshots showing the successful running of all of your SQL statements and the testing of your scenarios. Be sure your testing is comprehensive, demonstrating all functionality. The document should be neat, well-organized, well-written and contain minimal grammar and spelling errors.
2. A single SQL script file that contains all of the SQL statements used to set up and run the test scenarios. Be sure to include the connection statements as well, since the sys account will often be needed to run some statements. Clearly define, with SQL statements and comments, which user is running which SQL statements.