Vocabulary flashcards covering key concepts and definitions related to database security.
SQL Injection (SQLi)
An attacker inserts malicious SQL into input fields to access or manipulate data illegally.
Unauthorized Access
When users (or hackers) gain access without proper permissions—usually due to weak passwords or misconfigured settings.
Privilege Escalation
A lower-level user exploits a flaw to gain higher-level (admin) access.
Data Leakage or Exposure
Sensitive data is unintentionally exposed, often due to poor encryption or access controls.
Malware and Ransomware
Malicious software can corrupt, steal, or lock database content until a ransom is paid.
Insider Threats
Authorized users misuse access to steal or damage data—either intentionally or by mistake.
Denial of Service (DoS)
Attackers flood the system to overload the database server, making it unavailable.
Backup Theft or Tampering
If backups are not secured, attackers can steal or alter them.
Symmetric Encryption
Same key used for both encryption and decryption.
Asymmetric Encryption
Uses a pair of keys: public key for encryption and private key for decryption.
Hashing
One-way transformation of data, used for password storage and data integrity.
Transparent Data Encryption (TDE)
Encrypts data at rest in the database, allowing automatic decryption for authorized users.
End-to-End Encryption
Data is encrypted on the sender’s device and only decrypted by the receiver.
Full Backup
A backup that copies all data.
Incremental Backup
A backup that copies only changes made since the last backup.
Differential Backup
A backup that copies all changes since the last full backup.
Point-in-Time Recovery
Restore systems to a specific moment.
Monitoring and Auditing
Processes for tracking user activities and ensuring compliance.
Secure Backup Storage
Encrypting backups and restricting access to them.
Patch Management
The process of deploying updates to software to fix vulnerabilities.