Database Security – Regulatory Frameworks 3 – SOX & STIG.
- OverviewThis week, we will be examining the Sarbanes Oxley Act which was passed in 2002 to protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to securities laws.
The Security Technical Implementation Guides (STIGs) are the configuration standards for US Department of Defense IA and IA- enabled devices/systems. The STIGs contain technical guidance to “lock down” information systems/software that might otherwise be vulnerable to a malicious computer attack.
- Required ReadingsReview the SQL Server STIG’s here:
- Required Videoshttps://www.youtube.com/watch?v=eeQagPytR-o
- Week 12 PaperWrite an essay of at least 500 words discussing how database auditing and monitoring fit within a SOX compliance framework.
Do not copy without providing proper attribution. This paper will be evaluated through SafeAssign.
Write in essay format not in outline, bulleted, numbered or other list format.
Use the five paragraph format. Each paragraph must have at least five sentences. Include 3 quotes with quotation marks and cited in-line and in a list of references. Include an interesting meaninful title.
Include at least one quote from each of 3 different articles, place the words you copied (do not alter or paraphrase the words) in quotation marks and cite in-line (as all work copied from another should be handled). The quotes should be full sentences (no more, less) and should be incorporated in your discussion (they do not replace your discussion) to illustrate or emphasize your ideas.
Cite your sources in a clickable reference list at the end. Do not copy without providing proper attribution (quotation marks and in-line citations). Write in essay format not in bulleted, numbered or other list format.
It is important that you use your own words, that you cite your sources, that you comply with the instructions regarding length of your submission Do not use spinbot or other word replacement software. It usually results in nonsense and is not a good way to learn anything. I will not spend a lot of my time trying to decipher nonsense. Proof read your work or have it edited. Find something interesting and/or relevant to your work to write about. Please do not submit attachments unless requested.