Description
Exam Topics: OverviewAssess security needs (risk reduction, regulatory compliance)Assess the typical attack points for a databaseDeploy the Maximum Security ArchitectureManage Database UsersAdminister OS AuthenticationAdminister Kerberos AuthenticationAdminister PKI Certificate AuthenticationAdminister Enterprise User SecurityAdminister Centrally Managed UsersIdentify Inactive accountsManage and Secure passwordsSecure Passwords in scripts and applicationsChange a user's password securelyAdminister a secure external password store to secure passwordsAdminister the Database Password FileControl the use of a password fileConfigure and Use ContextsUnderstand and use USERENV variablesUnderstand and Use Client IdentifiersExtend Unified Auditing with Context informationUse context information with Secure Application RolesManage AuthorizationAdminister System and Object PrivilegesAssign Administrative PrivilegesConfigure Secure Application RolesConfigure Global Roles (EUS/CMU)Perform Privilege AnalysisConfigure Fine Grained Access ControlConfigure Fine Grained Access Control (FGAC)Configure FGAC with Real Application SecurityConfigure FGAC withVirtual Private DatabaseConfigure FGAC with Oracle Label SecurityConfigure and Manage Database VaultDescribe the Default Separation of Duties with Database VaultConfigure Database Vault Factors, Rules, and Rule SetsConfigure Database Vault Mandatory and non-Mandatory RealmsConfigure Database Vault Command RulesConfigure Realms, Command Rules, and Application Context to enforce trusted path accessPerform Database Vault Operations ControlConfigure and Use AuditingPerform Privileged User AuditConfigure Standard AuditConfigure Fine Grained AuditingConfigure and use Unified AuditCofigure Network SecurityAssess the need for Network access control (ACL)Manage Network ACLs in relation to microservice deploymentsConfigure ACLs to access passwords in a walletConfigure Network Service ProfilesConfigure and use Listener Valid-Node CheckingEnhance Database Communication Security with SEC parametersConfigure and Implement EncryptionEncrypt data in motionConfigure Native Network EncryptionConfigure TLS EncryptionEncrypt data at rest with Transparent Database EncryptionConfigure Column level and Tablespace level EncryptionEncrypt the Data DictionaryMigrate unencrypted to encrypted dataManage Encryption KeysAdminister and use the SYSKM Administrative PrivilegeAdminister Encryption WalletsImplement Data Masking and Data RedactionImplement Data RedactionImplement Enterprise Manager Data Masking PackConfigure and use the Application Data ModelPerform Sensitive Data DiscoveryDeploy Data Masking FormatsCompare In-Database -vs- At-Source executionAutomate Masking operations with EMCLIConfigure Transparent Sensitive Data Protection (TSDP)Invoke the Database Security Assessment ToolRun the Database Security Assessment ToolPatch DatabasesAssess the need for of a CVEDecode CVSS Risk ScoringManage Database Security in the CloudAsssess the Shared Responsibility ModelManage hybrid cloud scenariosAssess Autonomous Database Self Securing
