Database Forensics and Auditing Research Paper Example | Topics and Well Written Essays - 2000 words

database Forensics and Auditing - Research Paper ExampleThe paper leave focus on the differences between database forensics and databases auditing. This paper has focus on the definition of database forensic and database auditing, the regulation under database auditing, the meaning of Data Access Auditing, and Data Monitoring. The goal is to clarify the comparison between database forensic and auditing tools by analyzing some of their features. In addition, the paper will show the threats that may affect the database and how it keister affect database forensic and auditing. In conclusion, databases can be secured using a number of strategies that restrict unauthorized access, incorrect alteration of data and leaven data integrity to ignore either kind of hacking or losing data. Introduction The Verizon business risk aggroup did an investigation of 90 data breaches occurred in 2008, which revealed an overall score of 285 million stolen records. Likewise, 80% of data breaches occ urred overdue to weak corporate information security and initiated from external sources i.e. from hackers, malicious codes etc. and 20% data breaches were initiated insidely (Goldmann, n.d). Moreover, 49% of data breaches in 2008 were not diagnosed for months. Furthermore, in 2008, 81% organizations affected from credit card breaches were not able to perform their last PCI assessment (Goldmann, n.d). Apart from deploying most updated technology and controls, data is still world compromised. Likewise, tactics of a hacker is categorized as 70 % credentialed users, 10% trading partners and 46% internal threats (Goldmann, n.d). Wikileaks and Stuxnet virus is one of the recent major security breaches. In summary, the increasing numbers of data breaches ar astounding and strive to do more research for database security and protection. It shows that the laws, policies, compliance and regulations are not equal to counter these challenges. In order to protect databases via best practic es, we will first differentiate between database forensics and database auditing, as there two terms will demonstrate adequate protection from potential threats and vulnerabilities. After describing these terms, we will incorporate Microsoft Log miner tool for collecting forensic evidence from a database and for auditing or reviewing database authoritative state, SQL auditing will be incorporated. Database Forensics Database forensics that is also called Oracle forensics is relatively a new evolving field. Database forensics is conducted by different tools that alleviate Oracle Database Administrator (DBA) to re-establish actions performed on the database with the exception of deactivated forensic features. Likewise, database forensics identifies the suspect by extracting traces of an attacker from the database and revert the odd transactions if possible. The primary goal of database forensics is to analyze the vulnerabilities that were utilized and exploited by the threat and to rollback any unofficial data manipulation operations. However, it is a daunting task, as attackers play safe and prefer attacks from other regions and IP addresses that involve different time zones and mediums before extracting data or compromising security controls of a database. Some of the vulnerabilities associated with database compromises include default and unchanged usernames and passwords, passwords are not long, complex or easily guessable, Database is not up to date and missing critical updated