...the basics of SQL. Follow the steps and Oracle will be fun for you. Step 1: Click the Start button, select Programs, then select SecureCRT 3.x. This will open up the quickconnect dialog box of SecureCRT. Select 1. Protocol as: SSH2 2. Hostname: babbage2.cs.iit.edu 3. SSH Server: Standard As depicted in figure below. On clicking connect at this point will bring up another dialog. Select “Accept and Save” to bring up a window asking username and password for Unix. Upon entering valid username and password, you should now see unix bash prompt. Now type just “sqlplus” at bash prompt to connect to Oracle. It will prompt for username and password for oracle. Upon entering valid username and password, you should now see SQL prompt as: SQL> 1 You are now connected to oracle through SQLPlus client installed on Unix Machine (babbage2.cs.iit.edu). Have fun. Also, if you want to find more information on installing oracle on your personal machine, go to www.oracle.com. Remember at SQL> prompt, after every sql command, don’t forget to put a semicolon(;). A SQL statement is the statement that complies with the syntax rule of SQL. A list of SQL statements such as create, delete, insert, select, and update will be frequently used. The SQL*PLUS commands are the auxiliary set of commands that may be only recognized by ORACLE SQL*PLUS. Frequently used commands in ORACLE SQL*PLUS interface are clear, describe, edit, get, help, list, save, spool, and run. To quit and end the SQL*PLUS session...
Words: 1881 - Pages: 8
...Check that the SQL Server databases have limited access. So that we can reduce the number of persons who could access the database. Check the Access database engine files format. It should be in some format. Otherwise malicious users can access the SQL Server files then they may damage it. Check that the file system permissions of audit files. It should be on limited format. Otherwise it could be damaged by attackers. Verify that the database backup’s private and public encryption keys stored in a secured location for safety purpose. Verify that the SQL Server computer protected by a firewall. Check that the server and client operating...
Words: 509 - Pages: 3
...DD1334 Databasteknik Laboration 1: SQL Basics Andreas Gustafsson, Hedvig Kjellström, Michael Minock and John Folkesson The purpose of Laboration 1 is to learn how to retrieve rmation stored in relational databases. You will learn 1) how to formulate SQL queries and understand how they apply to the schema and how they are executed; 2) how constraints effect insertions and deletions; 3) about the basics of view, transactions, indices and triggers. The recommended reading for Laboration 1 is that of Lectures 1-7 , particularly Chap 6-8. Laboration Come prepared to the review session! Only one try is allowed – if you fail, you are not allowed to try again until the next lab session. The review will take 10 minutes or less, so have all papers in order. To pass you should have Completed Task 1 with at least 9 of the 10 queries right, completed Task 2 and able to explain why certain actions give errors and other do not, also 8 of the 9 steps should be documented showing you executed them correctly, Task 3 the output file should show that the trigger works as it should. The grade is A if passed when the review when due. See the Lab Grading page in bilda contents for the due dates for the labs and the grading of late assignments. Laboration 1 is intended to take 30h to complete. Computing Environment In this assignment you will use Nestor 2.0. Nestor is KTH’s logic engine (computer) dedicated to hold the databases used in this and other similar courses. Nestor is aptly named after...
Words: 2303 - Pages: 10
...Introduction to Oracle9i: SQL Instructor Guide • Volume 1 40049GC11 Production 1.1 October 2001 D33993 Authors Nancy Greenberg Priya Nathan Copyright © Oracle Corporation, 2000, 2001. All rights reserved. This documentation contains proprietary information of Oracle Corporation. It is provided under a license agreement containing restrictions on use and disclosure and is also protected by copyright law. Reverse engineering of the software is prohibited. If this documentation is delivered to a U.S. Government Agency of the Department of Defense, then it is delivered with Restricted Rights and the following legend is applicable: Restricted Rights Legend Use, duplication or disclosure by the Government is subject to restrictions for commercial computer software and shall be deemed to be Restricted Rights software under Federal law, as set forth in subparagraph (c)(1)(ii) of DFARS 252.227-7013, Rights in Technical Data and Computer Software (October 1988). This material or any portion of it may not be copied in any form or by any means without the express prior written permission of Oracle Corporation. Any other copying is a violation of copyright law and may result in civil and/or criminal penalties. If this documentation is delivered to a U.S. Government Agency not within the Department of Defense, then it is delivered with “Restricted Rights,” as defined in FAR 52.227-14, Rights in Data-General, including Alternate III (June 1987). The information in this document...
Words: 33172 - Pages: 133
...3. What is a reflective cross-site scripting attack? A reflective cross site scripting attack is when a single HTTP response is used to inject browser executable code. It is not actually placed in the application. 4. What common method of obfuscation is used in most real-world SQL attacks? They include character scrambling and masking, numeric variance and nulling, relying on an array of built-in SQL Server system functions used for string manipulation. 5. Which web application attack is more prone to extracting privacy data elements out of a database? SQL injections can be used to enter the database with administrator rights. The best way to prevent this is to use Java instead. 6. Given that Apache and Internet Information Services are the two most popular Web applications servers for Linux and WS Windows platforms, what would you do to identify known software vulnerabilities and exploits? A public domain by definition is far different than a systems PKI server. A public domain that stores certs is in a key escrow. 7. If you can monitor when SWL injections are performed on an SQL database, what would you recommend as a security countermeasure to monitor your production SQL databases? Of course. That’s a CYA and common sense thing. 8. What can you do to ensure that your organization incorporates penetration testing and web application testing as part of its implementation...
Words: 438 - Pages: 2
...Learning Team: Create Database, Table & Inserts Read and follow the instructions carefully and completely for submission of the Week 3 Learning Team Assignment. NOTE: This is a large assignment. Starting early in the week and giving your team time to post code for a review and assistance will help you prepare it accurately and completely. I encourage everyone to work on the assignment throughout the week and not wait until the day it is due to begin the work. Please see the Instructor Policies for Team Participation credit guidelines. REQUIRED: Coding Standards for this course are required. Please see the attached Coding Standards. CRITICAL Resource: The attached Errors Table is a resource for dealing with error messages and other potential obstacles you may encounter writing code. Optional: Read the Week 2 and 3 Handouts in the Recommended Learning Activities to assist with creating this assignment. Optional: Complete the Week 2 and 3 Learning Activity Tutorials in the Recommended Learning Activities. REQUIRED: Use the Kudler Chart of Accounts PROVIDED. Analyze the "PROVIDED" Chart of Accounts spreadsheet in order to decide how you will design the database. Plan your Data Dictionary (You will be submitting data dictionary with your final project submission, Week 5.) REQUIRED: Use the Data Dictionary Template attached to create the Data Dictionary for the Learning Team Assignment. REQUIRED: Follow the instructions in the provided...
Words: 1276 - Pages: 6
...Teach Yourself SQL in 21 Days, Second Edition Table of Contents: Introduction Week 1 at a Glance Day 1 Introduction to SQL Day 2 Introduction to the Query: The SELECT Statement Day 3 Expressions, Conditions, and Operators Day 4 Functions: Molding the Data You Retrieve Day 5 Clauses in SQL Day 6 Joining Tables Day 7 Subqueries: The Embedded SELECT Statement Week 1 in Review Week 2 at a Glance Day 8 Manipulating Data Day 9 Creating and Maintaining Tables Day 10 Creating Views and Indexes Day 11 Controlling Transactions Day 12 Database Security Day 13 Advanced SQL Topics Day 14 Dynamic Uses of SQL Week 2 in Review Week 3 at a Glance Day 15 Streamlining SQL Statements for Improved Performance Day 16 Using Views to Retrieve Useful Information from the Data Dictionary Day 17 Using SQL to Generate SQL Statements Day 18 PL/SQL: An Introduction Day 19 Transact-SQL: An Introduction Day 20 SQL*Plus Day 21 Common SQL Mistakes/Errors and Resolutions Week 3 in Review Appendixes A Glossary of Common SQL Statements B Source Code Listings for the C++ Program Used on Day 14 C Source Code Listings for the Delphi Program Used on Day 14 D Resources E ASCII Table F Answers to Quizzes and Excercises © Copyright, Macmillan Computer Publishing. All rights reserved. Teach Yourself SQL in 21 Days, Second Edition Acknowledgments A special thanks to the following individuals: foremost to my loving wife, Tina, for her tolerance and endless support, to Dan Wilson for his...
Words: 128515 - Pages: 515
...Fall 2013 - Homework 5 In SPUFI, for the Input dataset, specify a member in DB2.SQL with the naming convention HW5Qn, where n is the question number. Example, for question 1 it would be DB2.SQL(HW5Q1). Save the output for each question in a separate output file labeled by the question number. For example: OUTPUT.SQL .HW5Q1 File transfer each file to your PC and print the output files to turn in or cut and paste to a document if the text is all shown. You must include both the SQL and the output. LABEL the output by hand for each question. Remember, you must let SQL do the work, (don’t figure it out and hard code). Below is the ERD for this assignment: 1) Create the following tablespace with the naming conventions as specified: Tablespace RnnnTSSU in your database (RnnnDB) (the STUDENT table will go in here) using stogroup UNTDISK. (3 pts.) 2) Create the STUDENT table with the specifications from the ERD (Remember, bolded attributes are not null). DOB should have a datatype of DATE (not DATETIME.) (3 pts.) 3) Create an index on the primary key of STUDENT using the UNTDISK storage group (2 pts.) 4) Perform catalog queries to ensure your tablespace, table, and index were created (1 ½ pts.) 5) Insert the following data into the STUDENT table: ( 3 pts.) S_ID S_LAST S_FIRST S_MI S_ADDRESS S_CITY S_STATE S_ZIP S_CLASS S_DOB S_PIN --------------------------------------------------------------------------------------------------------------------------JO100 JONES TAMMY R 1817...
Words: 359 - Pages: 2
...result in poor performance. For each SQL statement, a database manager application must initiate a separate communication with DB2. To improve application performance, you can create stored procedures that run on your database server. A client application can then simply call the stored procedures to obtain results of the SQL statements that are contained in the procedure. Because the stored procedure runs the SQL statement on the server for you, database performance is improved. In addition, stored procedures can help to centralize business logic. If you make changes to a stored procedure, the changes are immediately available to all client applications that use it. Stored procedures are programs that have the following characteristics: • Contain procedural constructs with SQL statements • Are stored in databases and run on DB2 servers • Can be called by name by an application that is using SQL • Allow an application program to run in two parts: the application on the client and the stored procedure on the server The following figures show how two client applications access a database located on a database server. A client application that does not use stored procedures to access a database can require more network traffic. A client application that takes advantage of a stored procedure can help to reduce network traffic and the number of times the database is accessed. A typical stored procedure contains one or more SQL statements and some manipulative or...
Words: 2097 - Pages: 9
...Best practices for Disaster Recovery. Research Assignment 9 Robert Montini (18738519) Mr. Troianos Research Assignment 9 Robert Montini (18738519) Mr. Troianos Best practices for securing SQL Server. Best Practices for Disaster Recovery. Bad things happen, but to a corporation, entity or country, a bad thing happening to its server is worse than bad. It’s a Disaster. The loss of crucial information, records and vital statistics can bring the death to whatever the data base is associated to. That is why Disaster Recovery is one of the most prioritized tasks a data base team may face. Given that the creating a data base is in itself the major goal, protecting that data base should a disaster befall it is as important. There are numerous ways to do this. This paper deals with the best practices of how to accomplish this. The first thing should be to make a backup plan. This should: 1. A computer where the backup will be stored 2. What programs that will be used to back up the database 3, The computers to be backed up 4. A schedule of when to backup new data to the data base 5. The offsite location where the data base recovery data will be stored The second practice is to document all the changes that are made to the database. These include service packs, hot fixes and QFEs that have been applied. This is crucial for getting a data base restored to its original state should a disaster occur. These steps should be implemented to help prevent or minimize the...
Words: 1274 - Pages: 6
...Oracle9i: Program with PL/SQL Instructor Guide • Volume 2 40054GC11 Production 1.1 October 2001 D34008 Authors Nagavalli Pataballa Priya Nathan Copyright © Oracle Corporation, 1999, 2000, 2001. All rights reserved. This documentation contains proprietary information of Oracle Corporation. It is provided under a license agreement containing restrictions on use and disclosure and is also protected by copyright law. Reverse engineering of the software is prohibited. If this documentation is delivered to a U.S. Government Agency of the Department of Defense, then it is delivered with Restricted Rights and the following legend is applicable: Restricted Rights Legend Use, duplication or disclosure by the Government is subject to restrictions for commercial computer software and shall be deemed to be Restricted Rights software under Federal law, as set forth in subparagraph (c)(1)(ii) of DFARS 252.227-7013, Rights in Technical Data and Computer Software (October 1988). This material or any portion of it may not be copied in any form or by any means without the express prior written permission of Oracle Corporation. Any other copying is a violation of copyright law and may result in civil and/or criminal penalties. If this documentation is delivered to a U.S. Government Agency not within the Department of Defense, then it is delivered with “Restricted Rights,” as defined in FAR 52.227-14, Rights in Data-General, including Alternate III (June 1987). The information in this...
Words: 41259 - Pages: 166
...Practice 1: Overview This is the first of many practices in this course. Practices are intended to cover all topics that are presented in the corresponding lesson. Note the following location for the lab files: E:\labs\SQL1\labs If you are asked to save any lab files, save them at this location. To start ISQL*Plus, start your browser. You need to enter a URL to access iSQL*Plus. The URL requires the host name, which your instructor will provide. Enter the following command, replacing the host name with the value that your instructor provides: http://<HOSTNAME:5561>/isqlplus In any practice, there may be exercises that are prefaced with the phrases “If you have time” or “If you want an extra challenge.” Work on these exercises only if you have completed all other exercises in the allocated time and would like a further challenge to your skills. Perform the practices slowly and precisely. You can experiment with saving and running command files. If you have any questions at any time, ask your instructor. Practice 1 Test your knowledge: 1. Initiate an iSQL*Plus session using the user ID and password that are provided by the instructor. 2. iSQL*Plus commands access the database. True/False 3. The following SELECT statement executes successfully: SELECT last_name, job_id, salary AS Sal FROM employees; True/False 4. The following SELECT statement executes successfully: SELECT * FROM job_grades; True/False 5. There are four...
Words: 520 - Pages: 3
...activities is responsibility of • A. Database administrator • B. DP Manager • C. DB Manager • D. None of above Answer: Option A 1. 3. 3.The command that adds a new field to an active database is • A. MODIFY LABEL • B. MODIFY COMMAND • C. MODIFY STRUCTURE • D. MODIFY REPORT Answer: Option C 4.Which command is used to set a link between two database files • A. JOIN • B. UPDATE • C. BROWSE • D. SET RELATION Answer: Option D 5.The distinguishable parts of a record are called • A. files • B. data • C. fields • D. formats Answer: Option C 6.Related fields in a data base are grouped to form • A. data file • B. data record • C. menu • D. bank Answer: Option B 7.Data item characteristics that are important in data management include • A. punctuation • B. language • C. spelling • D. width Answer: Option D 8.Data dictionary tell DBMS • A. what files are in the database • B. what attributes are processed by data • C. what these files contain • D. all of above 9.Data management system may be implemented as • A. system software • B. application software • C. computer program • D. all of above 10.RAID configurations of a disk are used to provide • A. fault tolerance • B. high speed • C. high data density • D. none of above 11.Which normal form is considered adequate for normal relational...
Words: 1983 - Pages: 8
...SQL & QBE There are three typical operations that are done in querying databases (relational algebra): (1) Project—select columns [SELECT in SQL] (2) Restrict—select rows [WHERE] (3) Join—select columns and merge on rows that meet conditions [FROM] & [WHERE] Relational algebra is not used in current systems. It is a conceptual/theoretical way to manipulate RDBs. Structured Query Language (SQL) is a widely used language that retrieves and updates data in tables and views (manipulate RDBs). QBE is a user interface that simplifies SQL procedures. Other than some minor syntax differences, SQL is standardized. It is very powerful—i.e. you can do almost anything with data tables that you want. It is also simple to use. SQL is set based—returns a subset of tables referenced. Action queries enable user to change, insert, create, and delete data sets (tables). Selection queries retrieve and display data. Parameter queries prompt for input information. Dynasets are temporary tables that Access uses to store data resulting from a query. Tables must be related if used in a query. Natural join (equijoin or inner join)—most common kind of join. Two tables are joined on the common (join) column. The WHERE (=) statement specifies the join column(s) in which the rows have to match. Outer join (full)—all rows from both tables are included in output table (left and right outer joins would include all rows in one table but only the matches from the other). ...
Words: 1410 - Pages: 6
...multiplication operator is *, not x, as shown in line 2. The ANNUAL SALARY alias cannot include spaces. The alias should read ANNUAL_SALARY or should be enclosed in double quotation marks. A comma is missing after the LAST_NAME column. Part 2 Note the following location for the lab files: \home\oracle\labs\SQL1\labs If you are asked to save any lab files, save them at this location. To start Oracle SQL Developer, double-click the SQL Developer desktop icon. Before you begin with the practices, you need a database connection to be able to connect to the database and issue SQL queries. Oracle Database 10g: SQL Fundamentals I A - 2 Practice 1: Solutions (continued) 4. To create a new database connection in the Connections Navigator, right-click Connections. Select New Connection from the menu. The New/Select Database Connection dialog box appears. 5. Create a database connection using the following information: a. Connection Name: myconnection b. Username: ora1 c. Password: ora1 d. Hostname: localhost e. Port: 1521 f. SID: ORCL g. Ensure that you select the Save Password check box. Oracle Database 10g: SQL Fundamentals I A - 3 Practice 1: Solutions (continued) You have been hired as a SQL programmer for Acme Corporation. Your first task is to create some reports based on data...
Words: 6452 - Pages: 26
