Question 4
- Define: (i) Data security (ii)Data risk assessment
- (i) Explain the term access control in database security
- State three roles of a database administrator.
(ii) List two access control methods in database security
Observation
The expected answers were:
(a) (i) Data security is the protection/safety of data from destruction, corruption or unauthorized access.
(ii) Data risk assessment is the process of determining/identifying the level of security of stored data
OR
Data risk assessment is the process of determining the safety of stored data
OR
The process of evaluating/measuring the potential risks of data
(b) (i) Access control is a mechanism put in place to allow users have different levels of access to the database. OR
Access control is a process that allows users to have resources that they are authorised to use. OR
Access control is a mechanism to control data that is accessible to given users
(ii)
- Username and Password
- Role based Access control
- Mandatory Access Control
- Rule Based Access Control
- Discretionary Access Control
- Organisation Based Access Control
- Responsibility Based Access Control
- Identity Based Access Control
- Authentication
- Biometric verification/Facial Recognition/Voice Recognition/Eyes/Iris/Retina Recognition/Finger Print Recognition
- Physical control/Use of Lock/Burglary Proof/Metal Protector
- Personal Identification number (PIN)
(c)
- Maintaining users
- Backup database
- Managing data security and privacy
- Modifying/editing/updating the database structure
- Managing data integrity
- Monitoring and optimizing the performance of the database
- Database recovery
- Generation of reports/outputs
- Installs, Configures and Create Database
- Creating Users/ ID (Credentials)
- Deleting Users