Difficulty: Easy
Correct Answer: Correct
Explanation:
Introduction / Context:
Authorization tables store who can do what in a database: users, roles, privileges, password hashes, API keys, and often auditing references. Because these entries govern access to every other object, they are a prime target for attackers and require rigorous protection measures that exceed ordinary data safeguards.
Given Data / Assumptions:
Concept / Approach:
The principle of least privilege and defense-in-depth both imply that metadata which controls access to all data must be placed under the strongest controls. This typically includes restricted ownership, tight GRANT policies, encryption at rest and in transit, separation of duties, and immutable audit trails. Backups of these tables deserve equal protection because restoring a compromised backup can reintroduce risk.
Step-by-Step Solution:
Classify authorization tables as highly confidential assets.Restrict direct access to security administrators only; deny ad-hoc reads by application roles.Enable encryption at rest for system catalogs (when supported) and for any auxiliary security tables.Harden backups: encrypt keys, store off-site securely, and limit restore permissions.Continuously audit DDL and DCL affecting users, roles, and privileges; alert on anomalies.
Verification / Alternative check:
Perform a tabletop exercise: if an attacker gained read/write access to authorization tables, could they create a superuser or grant broad privileges? The answer is almost always yes, which validates the need for stringent controls.
Why Other Options Are Wrong:
Incorrect: downplays the criticality of authorization metadata.Depends only on OS: database-native controls are equally important.Not applicable for read-only DBs: even read-only modes still rely on authorization metadata.
Common Pitfalls:
Leaving default accounts enabled, over-granting SELECT on system catalogs, failing to encrypt backups, and neglecting privilege-change auditing.
Final Answer:
Correct
Discussion & Comments