(a) Define; (i) Data Security (i) Data risk assessment (b)(i) What is Access Control (ii) List the access control methods in database security. (c) State three roles of a database administrator.
Explanation
4(a) Define; (i) Data Security; Data security refers to the collective measures used to protect and secure a database management software from the illegitimate use and malicious threats and attack. These involve series of processed, methodologies and tools. OR It is a protective digital piracy measures that are applied to prevent unauthorized access to computers,database and websites. Data security also protects data from corruption. (ii) Data Risk Assessment; is identification of hazards that could negatively impact an organization's ability to conduct business. These assessments help identify these inherent business risks and provides measures, processes and controls to reduce the impact of these risks to businesses operations. (b)(i) Access Control is a security technique that can be used to regulate who or what can view or use resources in a computing environment. OR Access control is a database security/features that control how users and systems and resources. Access is the flow of information between an object and a subject, e.g program, database file, computer etc. while the programmer, and users are examples of the subject. (ii) Access control methods in database security (i) Corrective access control (ii) Preventive access control (iii) Detective access control method (c) Role of Administrative in Database (i) Setting data privacy; This only permits authorized persons to access and see certain data. (ii) Controlling access to database; It also creates log-ins for user and setting roles for each user. (iii) Giving support to end users; This ensure that all users know how to use the database. (iv) Controlling data security; This includes preventing unauthorized access to the data and protecting against other security threats. Others include; (i) Establishing the needs of the users and monitoring user access and security. (ii) Monitoring performance and managing parameters to provide fast response to front-end users. (iii) Mapping out the conceptual design for a planned database. (iv) Considering both back-end organization of a data and front-end accessibility for end-users (v) Refining the logical designs so that it can be translated into specific data model. (vi) Further refining the physical design to meet system storage requirements. (vii) Installing and testing new versions of the DBMS (viii) Maintaining data standards including adherence to the Data Protection Act(ix) Maintaining data standards procedures and definitions for the data (x) Controlling access permissions and privileges (xi) Developing, managing and testing back-up and recovering plans. (xii) Ensuring that storage and archiving procedures are functioning correctly. (xiii) Capacity planning (xiv) Working closely with IT project managers database programmers. (xv) Communicating regularly with technical, application and operational staff to ensure database integrity and security. (xvi) Commissioning and installing new applications and customizing existing applications in order to make them fut for purpose.