How to prepare a Database audit

28 September,2014 by Jack Vamvas

Question: How do I prepare a database audit? I need to review regularly database security and configurations.

Answer: In summary, a database audit is made up of SELECT statements which report database security details.  For example, access to a sensitive stored procedure which displays customer financial details or a database configuration which exposes a risk to  dropping the database.

Part of the skill of preparing a set of SELECT statements for database details is in the preparation

Use this list as a guide to structure the database audit

1)      Do you understand the applications?

2)      Database servers Inventory

3)      Inventory of server hosts

4)      Prepare SELECT privileges to the tables

5)      Execute the SELECT statements and gather the information

6)      Do you understand potential vulnerabilities , such as SQL Injection or buffer over flow ?

7)      Dangers of elevated privileges

8)      Null passwords dangers

9)      Knowledge of the network infrastructure

Read More on DB2 security

DB2 security audit

DB2 - A Security Primer

Author: Jack Vamvas(http://www.dba-db2.com)

Share:

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment on How to prepare a Database audit

Comments are moderated, and will not appear until the author has approved them.


dba-db2.com | DB2 Performance Tuning | DBA DB2:Everything | FAQ | Contact | Copyright