Question

- Require SSL encryption for remote access; Prevents intercepted transmissions, including passwords, from being read as “clear text”.
- Require all accounts to have a password; Prevents unauthorized use of an account by anyone other than the account holder.
- Avoid running the MySQL server process as the UNIX/LINUX root/superuser; Prevents someone that successfully gains access to the MySQL server from also gaining the ability to create and execute arbitrary files in the host computer's filesystem.
- Avoid granting PROCESS or SUPER privilege to a non-administrative user; Prevents an unauthorized user from modifying any of the data, tables, and even MySQL processes and log files without authorization or detection.
- Avoid the use of symlinks to tables; Prevents a “man-in-the-middle” attack from intercepting passwords transmitted in clear text.

Select one of the following. Which of the following defensive steps for securing a MySQL system is not correctly paired with the threat which it mitigates?

Explanation / Answer

Answer:

5) Avoid the use of symlinks to tables; Prevents a “man-in-the-middle” attack from intercepting passwords transmitted in clear text.

Explanation: Symlinks are used to link a MyISAM index file to another directory with the index directory. When mysqld is run as root, it will enable write access to the server's data directory, and it's possible to delete any file in the system.

4) Avoid granting PROCESS or SUPER privilege to a non-administrative user; Prevents an unauthorized user from modifying any of the data, tables, and even MySQL processes and log files without authorization or detection.

Explanation: PROCESS outputs the statements executed, and if the user is permitted to see the server process, all the statements executed by other users are also visible. The SUPER privilege gives the user the ability to terminate all client connections, change system variables and control servers.
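
As an added example (not part of the original question or answer), the read-only queries below check the listed settings on a live server, one per defensive step. The `mysql.user` column names assume MySQL 5.7 or 8.0, and the account running them is assumed to be able to read the `mysql` schema.

```sql
-- Added example: read-only audit of the five defensive steps listed above.
-- Assumes MySQL 5.7 or 8.0; column names differ in older releases and MariaDB.

-- 1) SSL for remote access: accounts reachable from other hosts that are
--    not required to use SSL/X509 (ssl_type is empty when nothing is required).
SELECT User, Host, ssl_type
FROM mysql.user
WHERE Host NOT IN ('localhost', '127.0.0.1', '::1')
  AND ssl_type = '';

-- 2) Accounts with no password. Socket-style plugins (e.g. auth_socket) and
--    locked role entries legitimately have an empty string, so plugin and
--    account_locked are returned for manual review.
SELECT User, Host, plugin, account_locked
FROM mysql.user
WHERE authentication_string IS NULL
   OR authentication_string = '';

-- 3) Running as root is an OS-level property and cannot be read from SQL;
--    check the owner of the mysqld process on the host instead.

-- 4) PROCESS or SUPER granted globally; compare the result against the
--    administrative accounts you expect to see.
SELECT User, Host, Process_priv, Super_priv
FROM mysql.user
WHERE Process_priv = 'Y'
   OR Super_priv = 'Y';

-- 5) Symlink support for tables, plus server-wide TLS enforcement.
--    A variable that does not exist in this version returns no row.
SHOW GLOBAL VARIABLES
WHERE Variable_name IN ('have_symlink', 'require_secure_transport');
```

Every row returned by queries 1, 2 and 4 is an account to review, not necessarily a finding; built-in service accounts may appear in query 4.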