O'Reilly logo

IT Auditing: Using Controls to Protect Information Assets by Kevin Wheeler, Mike Schiller, Chris Davis

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CHAPTER 9Auditing Databases

In this chapter we discuss auditing the lockboxes of company information. We will discuss how to conduct audits on the following components that affect the operational security of your data stores:

• Database permissions

• Operating system security

• Password strength and management features

• Activity monitoring

• Database encryption

• Database vulnerabilities, integrity, and the patching process

Background

The term database typically refers to a relational database management system (RDBMS). Database management systems (DBMS) maintain data records and their relationships, or indexes, in tables. Relationships can be created and maintained across and among the data and tables.

The more generic term database can be ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required