| powered by |  |
| powered by | |
|
| Course: CIS376 First Term: 2023 Fall
Final Term: Current
Final Term: 9999
|
Lecture 4.0 Credit(s) 4.0 Period(s) 4.0 Load
Credit(s) Period(s)
Load
Subject Type: OccupationalLoad Formula: S- Standard |
| MCCCD Official Course Competencies | |||
|---|---|---|---|
| 1. Understand database architecture and design for business solutions. (I)
2. Evaluate security management for database environments. (II) 3. Evaluate strategies to maintain optimal system performance, security and availability. (III) 4. Assess practices for database environment incident responses. (IV) 5. Evaluate current practices and future trends of database management and security. (V) | |||
| MCCCD Official Course Competencies must be coordinated with the content outline so that each major point in the outline serves one or more competencies. MCCCD faculty retains authority in determining the pedagogical approach, methodology, content sequencing, and assessment metrics for student work. Please see individual course syllabi for additional information, including specific course requirements. | |||
| MCCCD Official Course Outline | |||
|
I. Foundation of database architecture and design
A. Infrastructure architecture 1. Service model (on-premise vs. cloud) 2. Network security tiers/zones (deploy database at a secure/dedicated tier - network placement and mapping) 3. Identity and access management 4. Tools and software B. Database specification requirements 1. Hardware 2. Size 3. Throughput 4. Usage C. Data model 1. Database integrity support 2. Data usage analysis a. Transactional vs. reporting/analysis b. Relational vs noSQL/Big Data c. Other D. Business and regulatory requirements 1. Health Insurance Portability and Accountability Act (HIPAA) 2. Family Educational Rights and Privacy Act (FERPA) 3. Data compliance a. Separation b. Retention c. Other E. Other II. Database security management A. Access control 1. Service account authentication and authorization 2. User management (passwords, profiles, privileges, roles) 3. Role based access 4. Security/compliance access review B. Data auditing 1. Log management 2. Data security reviews C. Retrieval concepts 1. Encryption for data at rest versus data in motion 2. Other III. Optimal system performance, security and availability A. Performance tuning methods and considerations 1. Code design 2. Storage mechanism 3. Network issues 4. Processing B. Redundancy in design and storage 1. Backup 2. High availability options a. On premise b. Cloud 3. Advantages 4. Disadvantages 5. Security considerations C. Disaster recovery 1. Business and regulatory requirements a. Data retention policies (1) Number of years (2) Type/format of media (3) Offsite/remote storage (4) Other b. Other 2. Identification of data 3. Recovery strategies D. Vulnerability management 1. Security patches 2. Security protocols 3. Vulnerability scanning 4. Structured Query Language (SQL) injection 5. Other E. Database security alternate solutions 1. Cloud security services 2. Other F. Routine system performance and security analysis 1. Logs 2. Historical records 3. Reports 4. Audits a. Access b. Performance c. Regulatory compliance d. Scheduling IV. Incident response A. Scope analysis/damage control B. Usage log analysis C. Regulatory compliance D. Disaster recovery V. Database management and security A. Current practices B. Future trends | |||
MCCCD Governing Board Approval Date: August 23, 2022 | |||