Mar 18, 2024  
2021-2022 Course Catalog 
    
2021-2022 Course Catalog [ARCHIVED CATALOG]

Add to Portfolio (opens a new window)

NET 708 - Database Concepts for Cyber

Credits: 4
Lecture Hours: 2
Lab Hours: 4
Practicum Hours: 0
Work Experience: 0
Course Type: Voc/Tech
This course explores databases topics from the perspective of a cyber-security discipline.  The course introduces fundamentals of database management systems (DBMS), common practices to secure and audit DBMS, SQL characteristics and commands, and methods for using database-related information in incident response and digital forensics investigations.
Competencies
  1. Describe major DBMS functions and their role in a database system.
    1. Generalize the fundamentals of relational, object-oriented, and distributed database systems including: data models, database architectures, and database manipulations
    2. Explain the fundamental terminology used in the relational data model
    3. Summarize the client/server model, and describe the key components used to implement Internet database environments;
  2. Utilize different methods to perform basic database administration tasks including database creation, manipulation, and control;
    1. Make use of GUI administration/management tools
    2. Make use of common manually-entered SQL syntax
  3. Formulate relational algebra operations from mathematical set theory (including union, intersection, difference, and Cartesian product) and the relational algebra operations developed specifically for relational databases (select, product, join, and division).
    1. Model queries in relational algebra.
    2. Construct queries in SQL to elicit information from a database.
  4. Incorporate fundamental security concepts and architectures that serve as building blocks to database security.
    1. Contrast with security components of operating systems, including system vulnerabilities and password policies, and file permissions.
    2. Explain principles of data encryption
    3. Summarize limitations associated with implementing encryption policies for relational databases.
    4. Summarize the auditing environment, process, objectives, classifications, and types of database auditing possible.
    5. Break down how triggers and stored procedures assist with the enforcement of database security and data integrity.
  5. Characterize the concepts of user account management and administration
    1. Relate confidentiality, integrity, and access concepts to users, authentication, tablespace (default & temporary), and quotas.
    2. Summarize security risks which administrators must be aware using Oracle and Microsoft’s SQL Server.
  6. Apply DBMS access controls.
    1. Choose the user permissions to address roles, profiles, policies, privileges, and rules.
    2. Choose the data permissions to address roles, profiles, policies, privileges, and rules.
  7. Generate investigative reports from DBMS artifacts.
    1. Deduct end-user activity based on DBMS journal and audit data.
    2. Break down B-Tree structured raw database data.
    3. Utilize manual and software-assisted methods to classify active and deleted data from relational databases in mobile apps.
  8. Determine DBMS-related vulnerabilities and mitigation strategies.
    1. Explain specific vulnerability causes and consequences.
    2. Make use of common vulnerability scanning tools.
    3. Examine privilege-escalation exploits.
    4. Evaluate targeted defenses for identified vulnerabilities.

Competencies Revised Date: 2019



Add to Portfolio (opens a new window)