Describe defense models and Explore database defensive methods

Instructions about the topics to write the project on are below after that it is the templates to use for the write-up are uploaded below

Modern health care systems incorporate databases for more effective and efficient management of patient health care. However, it should be noted that all organizations have a database system of some form and most of these databases are relational database systems that use the Structured Query Language (SQL) for data manipulation. These enterprise databases can support anywhere from 100 users up to 10,000 users at a time. The enterprise database is not only accessible by internal users but also external users. The top threats to database servers include SQL injection (most common), network eavesdropping, unauthorized service access, password cracking, denial of service, privilege elevation, cross-site scripting, insecure configurations, malware and backup data exposure. The two major types of database injection attacks are SQL injections that target traditional (relational) database systems and NoSQL injections that target big data platforms.

Because databases are prone to cyberattacks, they must be designed and built with security controls from the beginning of the life cycle. Though a lot can be accomplished by hardening the database earliest in the life cycle, much of the security is added after they have been built, forcing IT professionals to try to catch up with the threats. Today, it is critical that database security requirements are defined at the requirements stage of acquisition and procurement. Through specific security requirements and testing and sharing of test and remediation data, system security professionals and other acquisition personnel can collaborate more effectively with vendors wishing to build more secure database systems.

The deliverables for Project 5 are:

• An RFP of about 12-15 pages, double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables or citations. Your RFP should also detail a test plan and remediation results.
• A PowerPoint presentation as an executive overview briefing that reflects the key elements of your team report. It should be about 5-10 slides.
• An MS-Excel lab template of results.

• Step 4: Describe defense models
  • To be completed by a designated team member
  • State everything as requirements in context of the medical database
  • Provide approximate timeline for delivery
  • State overall strategy for defensive principles
    • Explain importance of principles
  • Read about
    • Enclave/computing environment
    • Cyber operations in DoD policy and plans
    • Explain how it relates to the defensive principles
      • Network domains have different
        • Security levels
        • Accesses
        • Read and write permissions
  • Define enclave boundary defense
    • Include enclave firewalls separating databases and networks
    • Define different database environments expect databases to be working
    • Applicable security policies
• Step 5: Explore database defensive methods
  • A team member will perform the MySQL lab
  • Devise defensive methods that should be used in protecting databases
  • Include information on threats, risks and possible recommendations to these threats.