Database activity monitoring (DAM) can be:
Database activity monitoring (DAM) can be:
Database activity monitoring (DAM) can be host-based or network-based. DAM tools monitor and analyze database activity, often using a combination of network sniffing, memory reading, and audit logs. They are not used to replace encryption or data masking but to enhance the overall security strategy. Server-based or client-based approaches do not typically describe the deployment methods of DAM.
why not D ?
uhhhh....Database activity monitoring is done by combining several techniques such as network sniffing, memory scraping and reading system tables and database audit logs. So that means it can be network based or host based? why would it be masking?
A: Host-based or network-based
Database Activity Monitoring (DAM) is a security technology used to track and analyze database access and activities to detect unauthorized or anomalous behavior. DAM can be implemented as: Host-based DAM → Monitors database activity directly on the server using agents. Network-based DAM → Monitors database traffic at the network level using network sniffing techniques. Why Not the Others? B. Server-based or client-based → DAM focuses on database monitoring, not distinguishing between server-side vs. client-side security. C. Used in the place of encryption → Encryption protects data confidentiality, whereas DAM monitors database activity—they serve different purposes. D. Used in place of data masking → Data masking hides sensitive data, while DAM detects and logs database interactions—they complement each other but are not interchangeable.