An USA Enterprise Bank needs to address data security weakness for mission critical databases to be compliant with USA banking regulation.
After an Audit in 2012 on Server Infrastructure, they want to prepare all the Databases infrastructure for an External Audit Process.
They need to be compliant with:
They want to apply Oracle Security Best Practices for all Production and non Production databases.
The tools used to conduct this Database Security Assessment were:
All the deliverables collected and prepared during the discovering phase, were released during the database assessment.
1. Questionnaires of Access Control (QAC), Integrity and Confidentiality (QIC), Audit (QAU), Compliance (QCO).
2. Assessment results (ASSVULN) with list of vulnerabilities, risk, recommandations and actions from the point of view of:
1. Presentation of results, risks and recommandations.
Questionnaire for Access Control (QAC) and Assessment Results:
Your Next Step...