A bank is working with a security architect to find the BEST solution to detect database management system compromises. The solution should meet the following requirements:
✑ Work at the application layer
✑ Send alerts on attacks from both privileged and malicious users
✑ Have a very low false positive
Which of the following should the architect recommend?
Database Activity Monitoring (DAM) is the best solution to detect database management system compromises as it operates at the application layer. DAM is capable of monitoring and analyzing database activities, including those performed by privileged and malicious users, and generating alerts when suspicious activities are detected. Additionally, DAM solutions are designed to have a very low false positive rate, ensuring accurate and reliable alerts. Therefore, DAM meets all the specified requirements effectively.
A DAM solution is a security tool that monitors and analyzes database activity for signs of compromise or malicious activity. It is designed to work at the application layer and can send alerts on attacks from both privileged and malicious users. A DAM solution can also have a very low false positive rate, making it an effective tool for detecting database management system compromises.
DAM = Database Activity Monitoring Databases are made up of tables and primary keys (unique data). The key term in the question is "database management system." All answers point to DAM Source: Verifying each answer against Chat GPT, my experience, other test banks, a written book, and weighing in the discussion from all users to create a 100% accurate guide for myself before I take the exam. (It isn't easy because of the time needed, but it is doing my diligence)
D is the correct answer
DAM (Database Activity Monitoring).The name say it all