Exploring Database Security Concepts

To facilitate data backup and recovery.

To store data in a more compact format.

To protect sensitive data from unauthorized access.

To increase database performance.

Data Masking

Transparent Data Encryption (TDE), Column-level encryption

Hashing

Access Control Lists

Symmetric encryption uses two keys for encryption and decryption.

Asymmetric encryption is faster than symmetric encryption.

Symmetric encryption uses one key for both processes, while asymmetric encryption uses a pair of keys.

Symmetric encryption is used for public key infrastructure.

Access control regulates user permissions and roles to protect database security.

Access control allows unrestricted access to all users.

Access control is only necessary for physical security measures.

Access control has no impact on data integrity.

Network Access Control (NAC)

Physical Access Control (PAC)

Identity-Based Access Control (IBAC)

Discretionary Access Control (DAC), Mandatory Access Control (MAC), Role-Based Access Control (RBAC)

DAC is a type of mandatory access control system.

Discretionary Access Control (DAC) allows resource owners to control access permissions for their resources.

DAC restricts access based on user roles and responsibilities.

DAC is a method for encrypting data during transmission.

Mandatory Access Control (MAC) is a type of firewall.

Mandatory Access Control (MAC) is a security model that enforces access restrictions based on user clearance and information classification.

Mandatory Access Control (MAC) allows users to set their own access permissions.

Mandatory Access Control (MAC) is a model that only applies to physical security.

Biometric authentication

Username and password authentication, Token-based authentication

Email verification

IP address filtering

To eliminate the need for multi-factor authentication.

To simplify user login processes by allowing weak passwords.

To enhance security by enforcing strong password creation and management practices.

To reduce the number of password changes required by users.

Data backup strategies are irrelevant in the age of cloud storage.

Data backup strategies are only necessary for large corporations.

Data backup is primarily for improving internet speed.

Data backup strategies are essential for data protection, recovery, and business continuity.