Oct 17, 2019  
2017-2018 Catalog 
    
2017-2018 Catalog [ARCHIVED CATALOG]

[Add to Portfolio]

CIS 412 - Database Security and Audit

5 Credits
Data breaches are a common occurrence in today’s society. This course builds on the foundational knowledge from CIS 310 and the big data analytics course CIS 389. Students address design issues, along with user interface vulnerabilities and how these can be avoided, mitigated or detected. Learning modules will address web interfaces, cloud services and mobile application database vulnerabilities. Students will use tools to perform database audits and create policies and procedures to augment the same. The audits taught in this course pertain to both the database and operating system levels. Students also learn the challenges of big data security issues. Hands-on projects will take place in physical and virtual environments.

Pre-requisite(s) CIS 310 min 2.0 and CIS 389 min 2.0
Program Admission Required Yes Admitted Program BAS - CIS
Fees CF

Designed to Serve For students admitted to the BAS program in CyberSecurity and Forensics.
Active Date 2015-09-25

Grading System Decimal Grade
Class Limit 24
Contact Hours: Lecture 44 Lab 22 Worksite 0 Clinical 0 Other 0
Total Contact Hours 66
Degree Distributions:
Course Outline
1. Define database audit

a. Its use and purpose

b. How to plan, implement and report on an audit

2. R, Python and RPY2

a. Install

b. Under basic constructs of languages

c. How they work with big data

3. Install and harden SQL Server

a. Plan audit

b. Implement audit

c. Audit report

4. Install and harden MySQL

a. Plan audit

b. Implement audit

c. Audit report

5. Install Hadoop

6. Review Statistical and Big Data Analysis

a. Use in the security arena

b. How to use in an audit

7. Understand the security issues of Hadoop and its variations

a. access control and authentication using tools such as Apache Knox

b. authorization using tools such as Apache Sentry),

c. encryption

d. security policy management and user monitoring

8. Use the MapReduce framework

a. Implement YARN

b. Security issues with YARN and MapReduce

9. Using PIG, Hive or similar scripting languages on Hadoop

a. Security issues

b. Implementation concerns

10. Traffic, load balancing, and nodes

11. User interface and design issues

12. Mobile applications and their impact

13. Cloud deployment of databases and security issues

a. SQL server

b. MySQL

c. Hadoop

14. Creating policies and procedures for security audits

a. Standard databases

b. Hadoop and Big data

c. Network and OS implications

15. Future issues



Student Learning Outcomes
Explain and implement a database audit

Install and use R and R-Studio

Harden and perform an audit of a SQL Server installation

Harden and perform an audit of a MySQL Server installation

Explain the installation of Hadoop in a virtualized environment

Explain how and when to use Statistical and Big Data Analysis in the security arena. Explain and demonstrate how to use the tools in an audit

Demonstrate an understanding of the security issues of Hadoop. Explain and implement 3rd party tools for access control, authorization, encryption, security and user monitoring

Use the MapReduce framework

Explain the security issues solved or introduced when using scripting languages such as Hive, PIG or similar on Hadoop

Explain and demonstrate traffic monitoring, load balancing and monitoring of nodes in a standard DB and big data installation



[Add to Portfolio]