Recently, I had attended hands on course from Oracle University for Oracle 11g Security DBA.
I take this opportunity to share my experience and knowledge gained out of this course.
About the course:
In Oracle Database 11g: Security course is a 5 days course. In this students learn how they can use Oracle database features to meet the security, privacy and compliance requirements of their organization. The current regulatory environment of the Sarbanes-Oxley Act, HIPAA, the UK Data Protection Act, and others requires better security at the database level. Students learn how to secure their database and how to use the database features that enhance security. The course provides suggested architectures for common problems.
This course covers the following security features of the database:
- auditing, virtual private database, label security
- encryption for Payment Card Industry Data Security Standard (PCI DSS ) including encryption at the column, tablespace and file levels,
- enterprise user security.
- Some of the Oracle Network security topics covered are: securing the listener and restricting connections by IP address.
How to register for the course from Oracle University (http://education.oracle.com)
Oracle offers courses in different streams on Oracle products through class room training at Oracle University and authorized Oracle Education Center.
Below is the list of courses offered in Oracle 11g:
Oracle class room trainings are pretty expensive and prospective candidates are advised to select the course carefully, depending on their career stage and past experience. Oracle 11g Security is an advanced course in Oracle and costed me 65,000 INR (including service tax).
Interested candidate can check the schedule for upcoming Oracle courses at Oracle Education website. On finding the course of interest they can then register for the course and complete the registration form. The candidate receives the e-kit for the course 2-3 days in advance before the start of the training at their email id with which they have registered.
Why I had opted for Training in Oracle 11g Security?
I had undertaken this course in pursuit my to become OCM (Oracle Certified Master). Having come from a PL/SQL development experience for 6+ years with 2 years of DBA, I found security to be the perfect mix of both the worlds. Moreover, working in finance domain made more sense for attending this course.
Security in Oracle has to be handled both at administrative level and developer level.
Oracle 11g has really impressive security features which I have tried to highlight in the later section of this document. I am sure you will appreciate the security features offered by Oracle 11g once you have read this document.
What I learnt in the training?
1. Prevent access by non-database users
2. Increase database user identity assurance
3. Control access to data within database
4. Audit database activity
5. Monitor database traffic and prevent threats from reaching the database
6. Ensure database production environment is secure and prevent drift
7. Remove sensitive data from non-production environments
The student guide of Oracle 11g Security consists of 21 chapters and 5 appendices demonstrating examples for practice in lab. This being advanced Oracle training, Its a plus if you have a experienced trainer. The trainer prioritizes the course content depending on the participants past experience and career level.
References and Sources:
Those who are interested in delving deep into the security track may visit following sources:
Website: http://www.petefinnigan.com – Pete Finnigan is the author of the SANS book Oracle security step-by-step – a survival guide for Oracle security. Pete also has written many papers about Oracle security. petefinnigan.com is the place for free Oracle security information, white papers, links to other resources, free scripts tools and products and professional Oracle security audit services.
Book: Effective Oracle Database 10g Security by Design by David Knox