CISSP Exam - Question 124


A database server for a financial application is scheduled for production deployment. Which of the following controls will BEST prevent tampering?

Correct Answer: D

The best control to prevent tampering with a database server for a financial application in production deployment is logging and monitoring. This control ensures that all activities on the database are continuously recorded and analyzed, allowing for the detection of unauthorized access or changes. Timely alerts and reviews of these logs can help prevent and respond to tampering incidents effectively. While data validation and sanitization are important for ensuring data accuracy and security, they do not prevent tampering directly. Removing service accounts helps reduce unnecessary access but does not actively monitor for tampering.

Discussion

12 comments
franbarpro (Option: B)
Oct 15, 2022

Input validation is the answer to a lot of application attacks/issues. OWASP Top 10.

jackdryan
May 12, 2023

B is correct

YesPlease (Option: C)
Dec 11, 2023

Answer C) Service accounts removal. This is the only option that will actually prevent anything from happening. The following do not PREVENT anything:
A. Data sanitization: involves purposely, permanently deleting, or destroying data from a storage device, to ensure it cannot be recovered.
B. Data validation: is the process of checking the accuracy, integrity, and structure of data before it's used in a business operation.
D. Logging and monitoring

deeden (Option: D)
Aug 7, 2024

Scenario: Your code is in the Dev environment and about to be deployed to Prod. How to ensure your code isn't changed in any way prior to deployment? It has to be some form of FIM tool which could periodically compare the hash and alert for any mismatch (suspected tampering).

SangSang
Jan 16, 2025

Logging and Monitoring is NOT a preventive control

dev46 (Option: B)
Sep 23, 2022

C & D have nothing to do with tampering. A is about sanitization/clearing.

kptest12 (Option: B)
Oct 11, 2022

https://www.youtube.com/watch?v=ydjDrIZyOIk

Rollizo
Sep 30, 2022

Input validation (also known as data validation) => this can protect a new database deployment

HughJassole
Jun 25, 2023

C. Remove service accounts. The question states that a DB server is being moved to prod, and they don't want someone to mess with it now that it's in production, so it needs to be locked down. "Remove all access to your database (except for your own personal domain account). Literally, each and all accounts." https://softwareengineering.stackexchange.com/questions/369645/preventing-in-database-record-tampering

Bach1968 (Option: B)
Jul 6, 2023

Data validation (option B). Data validation involves implementing checks and controls to ensure the integrity and accuracy of data.

GuardianAngel (Option: B)
Feb 13, 2024

Answer is Data validation: SQL injection is possible because the data being input from a web form is not validated before it reaches the database by using regular expressions to check for special characters and limiting the number of characters the field (ultimately the parameter (variable)) that is passed to the database to be processed --- AND hopefully, the database is using stored procedures that have parameters to accept the data input instead of a method that is extremely vulnerable like the website using inline SQL statements on the form

ElDirec (Option: D)
Jul 28, 2024

I think we are trying to avoid tampering with the SERVER, consequently avoiding tampering with the DB. Nowhere in the question does it state it will be taking input from a customer. This might be a transaction logging DB, not necessarily one connected to a web server. I think Logging and monitoring is the better answer, as it can help detect and respond to any unauthorized attempts, such as modifying or deleting existing data.

Dtony66 (Option: C)
Jan 9, 2025

Service accounts are where the majority of attacks occur from.

ServerBrain (Option: C)
Mar 15, 2025

Key word is 'prevent',