ࡱ> ;@ ubjbjkk 4z g%v"""""""68L67|( :D X q6s6s6s6s6s6s6$8R:69"d d d 6"" 6"""d r" " q6"d q6""#y2|""3  6[!24\6073;d"p;$366"""";"3$d d "d d d d d 6666d"66Is a password required when using a role or just when the role is granted to a user? (About User Default Roles p. 261 Oracle Security Handbook) If a password is required, you must use the set role command before the privileges that the role conveys become available for your use. (Oracle 8 Personal Edition Help) If you grant a password-protected role to a user, the user must provide the password when enabling the role via the SET ROLE statement. Passwords are optional for roles. However, only those users who have role privileges may use the role. Can you change the names of the SYS or SYSTEM account? No. Where is the Oracle password file? The Oracle Password File ($ORACLE_HOME/dbs/orapw or orapwSID) stores passwords for users with administrative privileges. What are the Privileges of CONNECT vs RESOURCE vs DBA? As you can see below these roles do more than just allow a user to connect to the database. Should they be able to create tables, views, links, and triggers? (source: Oracle 8 Adminstrators guide) Role Name Privileges Granted To Role CONNECT 1 ALTER SESSION, CREATE CLUSTER, CREATE DATABASE LINK, CREATE SEQUENCE, CREATE SESSION, CREATE SYNONYM, CREATE TABLE, CREATE VIEW RESOURCE 1,2 CREATE CLUSTER, CREATE PROCEDURE, CREATE SEQUENCE, CREATE TABLE, CREATE TRIGGERDBA 1,3, 4All system privileges WITH ADMIN OPTION Does DBMS update V$PARAMETER to the value listed in init? V$PARAMETER shows the current configuration of of parameter values. If something is changed in the inti or config files and the database is shut down and restarted these values will then update V$PARAMTER. Where can I get an audit program?  HYPERLINK "http://www.auditnet.org/asapind.htm" http://www.auditnet.org/asapind.htm has an OK one that serves as a good base. Modify it to suit your needs then shoot me a copy! Also the Oracle Security Handbook Appendix B as a number of security checklists that could be used to form an audit program. Is there any ability to restrict users to a console in Oracle? I didnt see anything. If anyone knows a DBA ask them and let us know! Ill post the question and see if it gets answered. What are the best practice values for the default profile? FAILED_LOGIN_ATTEMPTS - failed login attempts before the account is locked (I recommend 3) PASSWORD_LIFE_TIME - limits the number of days the same password can be used for authentication (I recommend 30 for privileged users and 60-90 for users) PASSWORD_REUSE_TIME - number of days before a password can be reused (I recommend 1800) PASSWORD_REUSE_MAX - number of password changes required before the current password can be reused (I recommend UNLIMITED) Specify either PASSWORD_REUSE_TIME or PASSWORD_REUSE_MAX, but do not use both at the same time. PASSWORD_LOCK_TIME - number of days an account will be locked after maximum failed login attempts (I normally recommend UNLIMITED require the DBA to reset however this it may present a DoS vulnerability) PASSWORD_GRACE_TIME - number of days after the grace period begins during which a warning is issued and login is allowed (I recommend 0, otherwise a user pwd may beolder than the password lifetime because the of the grace time) PASSWORD_VERIFY_FUNCTION - password complexity verification script (I think the script should require passwords to contain at least one alphabetic and one non-alphabetic character and be minimum of 6 characters for end-users and 8 characters for system administration accounts or match your organizations password requirements if the DBA ran utlpwdmg.sql this and more is required) What are some of the default users and their passwords? What are they used for? See http://www.orafaq.com/faqdbase.htm#DEFUSERS Does ALL_USERS views show all users logged in or all users with access to the database? show a complete list of the items in the underlying table less any sensitive information. I recommend you get the DBA view are intended for use by the DBA and list all items in an underlying table (Oracle Security Handbook p. 220) Can the cascade option for revokes be limited or controlled? I didnt see anything. If anyone knows a DBA ask them and let us know! Ill post the question and see if it gets answered. How long are tokens used for authentication stored/ valid? What type of encryption does Oracle use: (Database Security in Oracle8i "!An Oracle Technical White Paper February 1999) The Oracle password protocol provides security for client-server and server-server password communication by encrypting passwords passed over a network. The Oracle password protocol uses a session key valid for a single database connection attempt to encrypt the user's password. Each connection attempt uses a separate key for encryption, making the encryption more difficult to decipher. After the key-encrypted password is passed to the server, the server decrypts it, then re-encrypts it using a Data Encryption Standard (DES) based on one-way encryption algorithm and compares it with the password stored in the database. If they match, the user successfully connects to the database. The Oracle password protocol is used to encrypt all passwords upon an attempted connection whether local connection, client to server, or server to server. (Configuring Encryption p. 345 Oracle Security Handbook) Triple DES, 128-bit RC-4, or 40-bit DES What is AUDIT_OPTION field in the auditing tables used for? This field specifies which commands you are auditing. For example CREATE TABLE or ALTER TABLE are some of the many actions that could be audited. Remember it can be set to audit upon successful use failed use or both. What audit options are available in DBA_OBJ_AUDIT_OPTS? The character "-" indicates that the audit option is not set. The character "S" indicates that the audit option is set, BY SESSION. The character "A" indicates that the audit option is set, BY ACCESS. Each audit option has two possible settings, WHENEVER SUCCESSFUL and WHENEVER NOT SUCCESSFUL, separated by "/". What level is Label Security set? See  HYPERLINK "http://www.orafaq.com/faqdbase.htm#LABEL" http://www.orafaq.com/faqdbase.htm#LABEL This makes it pretty clear Label security is set at the user level. What does DCE stand for? See  HYPERLINK "http://www.webopedia.com/TERM/D/DCE.html" http://www.webopedia.com/TERM/D/DCE.html What is the extension for scripts? .sql for example utlpwdmg.sql runs allows DBAs to require minimum lengths on passwords. Oracle Product Security Documentation  HYPERLINK "http://otn.oracle.com/docs/deploy/security/content.html" http://otn.oracle.com/docs/deploy/security/content.html Oracle Security Alerts  HYPERLINK "http://otn.oracle.com/deploy/security/index2.htm?Info&alerts.htm" http://otn.oracle.com/deploy/security/index2.htm?Info&alerts.htm Oracle FAQ  HYPERLINK "http://www.asktom.oracle.com" www.asktom.oracle.com  HYPERLINK "http://www.orafaq.com" www.orafaq.com SANS (Systems Administration, Networking, and Security) Research and education organization Reading Room Can be a resource for information on security subjects  HYPERLINK "http://rr.sans.org/index.php" http://rr.sans.org/index.php Newsbites a mailing service that pulls all security articles  HYPERLINK "http://www.sans.org/newlook/digests/newsbites.htm" http://www.sans.org/newlook/digests/newsbites.htm Auditnet.org has audit programs including an Oracle database audit program  HYPERLINK "http://www.auditnet.org/asapind.htm" http://www.auditnet.org/asapind.htm CERT (Computer Emergency Response Team) An advisory service http://www.cert.org/ Jargon Dictionary Helps decrypt some of that hacker lingo  HYPERLINK "http://info.astrian.net/jargon/" http://info.astrian.net/jargon/ Webopedia Helps define computer terms and concepts  HYPERLINK "http://www.webopedia.com/Computer_Science/Databases" http://www.webopedia.com/Computer_Science/Databases What are some of the key Oracle privileges that should be examined? List is not comprehensive but represents quick & dirty checklist. NameALTER DATABASE ALTER SYSTEMALTER USERCREATE USERCREATE SNAPSHOTCREATE ROLE CREATE LIBRARYCREATE PROFILEGRANT ANY PRIVILEGE RESTRICTED SESSIONWITH ADMIN OPTION Any other privileges with the words ALTER, CREATE, or ANY in them. What are some of the recommended values for the init file? NameRecommended ValueAudit_trailOS07_DICTIONARY_ACCESSIBILITYFALSEdb_encrypt_loginTRUEora_encrypt_loginTRUEos_authent_prefixBlankos_rolesFALSE if OS roles not well restrictedremote_os_authentFALSEremote_os_rolesFALSERESTRICT_ADMIN_LISTENER and/or ADMIN_RESTRICTIONS_listener_name in listener.oraTRUE ONResource_limitTRUE What things should I request? Obtain DBA_Roles view which lists all roles in DB Obtain DBA_Roles view which lists all roles granted to users and roles in DB Obtain DBA_SYS_PRIVS view which lists the system privileges granted to users and roles Obtain DBA_TAB_PRIVS view which lists privileges on objects in DB Obtain DBA_USERS view which lists account information for all users in DB Obtain ROLES_ROLES_PRIVS view which lists all roles granted to roles in DB Obtain ROLES_SYU. / f j l A     1 2 3 ƮƝƝƝƋzfPfP*h%h5CJOJPJQJ\^JaJ&h%h5CJOJQJ\^JaJ h%h%CJOJQJ^JaJ#hB*CJOJQJ^JaJph h%hCJOJQJ^JaJ/h%h5B*CJOJQJ\^JaJph)h%hB*CJOJQJ^JaJph#h%h%5CJOJQJ^JaJ#h%h5CJOJQJ^JaJU < . / f j k l A   2 $Ifcuu2 3 ? {$If$Ifxkd$$If-0ll*0634-ab3 ; > ? ! $ & ' ( * + , V ]_opڵڵiVڵڵ$h%h0JCJOJQJ^JaJ8jh%hB*CJOJQJU^JaJph2jh%hB*CJOJQJU^JaJph)h%hB*CJOJQJ^JaJph#h%h5CJOJQJ^JaJ$h%hCJOJPJQJ^JaJ h%hCJOJQJ^JaJ(h%h0JCJOJPJQJ^JaJ! {$If$Ifxkd$$If-0ll*0634-ab ! , T {$If$IfxkdN$$If-0ll*0634-abT U V ^_opw & Fdd[$\$zkd$$If-h0ll*0634-ab tSWfh#6 /!B!G!^!s!t!!!ӰӰӰӰӰӰӰttttӰ%h%h0JB*OJQJ^Jph,h%h5B*CJOJQJ^JaJph#h%h5CJOJQJ^JaJ h%hCJOJQJ^JaJ# *h%hCJOJQJ^JaJ)h%hB*CJOJQJ^JaJph-h%hB*CJOJPJQJ^JaJph%t:# & F7$8$H$7$8$H$ dd7$8$H$[$\$ & Fdd[$\$6 u !s!t!!B"C"\""""B#C#j####$$$$$$%% % & Fdd[$\$!!!!!!!C"\"_"`"a""""""""B#C#j#Ѵя~i~Qii~~?# *h%hCJOJQJ^JaJ/jh%hCJOJQJU^JaJ)jh%hCJOJQJU^JaJ h%hCJOJQJ^JaJ#h%h5CJOJQJ^JaJ$h%h0JCJOJQJ^JaJ8jh%hB*CJOJQJU^JaJph)h%hB*CJOJQJ^JaJph2jh%hB*CJOJQJU^JaJphj#k######$$S$T$U$$$$$$$$$$$$ % %%%%%%%׽׏u[2j  *h%hCJOJQJU^JaJ2j *h%hCJOJQJU^JaJ2j* *h%hCJOJQJU^JaJ' *h%h0JCJOJQJ^JaJ2j *h%hCJOJQJU^JaJ# *h%hCJOJQJ^JaJ,j *h%hCJOJQJU^JaJ %|%% &&M&&&&'h'i'''''F(G(z(((((((<))))$If$a$%%% & &M&N&&&&&&''A'B'C'f'g'h'''#(ϻϩϩϻϩziQz>ziϩ$h%h0JCJOJQJ^JaJ/jg h%hCJOJQJU^JaJ h%hCJOJQJ^JaJ)jh%hCJOJQJU^JaJ2j*  *h%hCJOJQJU^JaJ# *h%hCJOJQJ^JaJ' *h%h0JCJOJQJ^JaJ,j *h%hCJOJQJU^JaJ2jA  *h%hCJOJQJU^JaJ#($(%(D(E(z({(((((((((<)***ϻϩϩϻϩ}lZE1l&h%h5CJOJQJ\^JaJ)h%hB*CJOJQJ^JaJph#h%h5CJOJQJ^JaJ h%hCJOJQJ^JaJ#h%h<CJOJQJ^JaJ2ja *h%hCJOJQJU^JaJ# *h%hCJOJQJ^JaJ' *h%h0JCJOJQJ^JaJ,j *h%hCJOJQJU^JaJ2jl  *h%hCJOJQJU^JaJ)))))C[kd%$$IflL064 la$If[kd$$IflL064 la)))))C[kd#$$IflL064 la$If[kd$$IflL064 la)))))C[kd!$$IflL064 la$If[kd$$IflL064 la)))))C[kd$$IflL064 la$If[kd$$IflL064 la)***)*C[kd$$IflL064 la$If[kd$$IflL064 la)***=*>**C[kd$$IflL064 la$If[kd$$IflL064 la********$If[kd$$IflL064 la***!,A,.taucuuuuuuuuuu{l{hdR90jh%h%0J5CJOJQJU^JaJ#h%h%5CJOJQJ^JaJhh%h%5CJOJQJ^JaJ#h%h55CJOJQJ^JaJ#h%h%5CJOJQJ^JaJh5h55OJQJ^JU h%hCJOJQJ^JaJ)h%hB*CJOJQJ^JaJph/h%h5B*CJOJQJ\^JaJph#h%h5CJOJQJ^JaJ****$Ifnkd$$Ifl0,"LL064 la**+ +$Ifnkd$$Ifl0,"LL064 la + ++!+$Ifnkd'$$Ifl0,"LL064 la!+"+4+9+$Ifnkd$$Ifl0,"LL064 la9+:+L+R+$Ifnkd5$$Ifl0,"LL064 laR+S+\++$Ifnkd$$Ifl0,"LL064 la++++$IfnkdC$$Ifl0,"LL064 la++++$Ifnkd$$Ifl0,"LL064 la++,, ,$IfnkdQ$$Ifl0,"LL064 la , ,, ,$Ifnkd$$Ifl0,"LL064 la ,!,",#,A,s,,-Z---Cttubucu & Fnkd_$$Ifl0,"LL064 laS_PRIVS view which lists system privileges granted to roles in DB Obtain DBA_SYS_PRIVS view which lists system privileges granted to privileged roles such as CONNECT , RESOURCE , and INTERNAL Obtain ROLE_TAB_PRIVS view which lists table privileges granted to roles in DB Obtain PRODUCT_PRIVS view which lists Product Table restrictions on users in DB Oracle Class October 17 & 18, 2002 Answers For Questions Generated During Class Page  PAGE 1/ NUMPAGES 4 cuuuuuuuuuu$a$gd%$&dPa$gd5$a$gd% uuuuuuuuuuuuuuһһҩ h%hCJOJQJ^JaJh#h%h%5CJOJQJ^JaJ,h50J5CJOJQJ^JaJmHnHu0jh%h%0J5CJOJQJU^JaJ'h%h%0J5CJOJQJ^JaJ 2&P1h:p%/ =!"#$%$$If!vh55%#v#v%:V -06,5/ 34-$$If!vh55%#v#v%:V -065/ 34-$$If!vh55%#v#v%:V -065/ 34-$$If!vh55%#v#v%:V -h065/ 34-DyK $http://www.auditnet.org/asapind.htmyK Hhttp://www.auditnet.org/asapind.htmDyK )http://www.orafaq.com/faqdbase.htm#LABELyK Fhttp://www.orafaq.com/faqdbase.htmLABELDyK )http://www.webopedia.com/TERM/D/DCE.htmlyK Rhttp://www.webopedia.com/TERM/D/DCE.htmlUDyK 8http://otn.oracle.com/docs/deploy/security/content.htmlyK phttp://otn.oracle.com/docs/deploy/security/content.htmlyDyK Ahttp://otn.oracle.com/deploy/security/index2.htm?Info&alerts.htmyK http://otn.oracle.com/deploy/security/index2.htm?Info&alerts.htmDyK www.asktom.oracle.comyK <http://www.asktom.oracle.com/DyK www.orafaq.comyK .http://www.orafaq.com/DyK http://rr.sans.org/index.phpyK :http://rr.sans.org/index.php=DyK 2http://www.sans.org/newlook/digests/newsbites.htmyK dhttp://www.sans.org/newlook/digests/newsbites.htmDyK $http://www.auditnet.org/asapind.htmyK Hhttp://www.auditnet.org/asapind.htmDyK  http://info.astrian.net/jargon/yK @http://info.astrian.net/jargon/EDyK 4http://www.webopedia.com/Computer_Science/DatabasesyK hhttp://www.webopedia.com/Computer_Science/Databases}$$If!vh5L#vL:V l065L4}$$If!vh5L#vL:V l065L4}$$If!vh5L#vL:V l065L4}$$If!vh5L#vL:V l065L4}$$If!vh5L#vL:V l065L4}$$If!vh5L#vL:V l065L4}$$If!vh5L#vL:V l065L4}$$If!vh5L#vL:V l065L4}$$If!vh5L#vL:V l065L4}$$If!vh5L#vL:V l065L4}$$If!vh5L#vL:V l065L4}$$If!vh5L#vL:V l065L4}$$If!vh5L#vL:V l065L4$$If!vh5L5L#vL:V l065L4$$If!vh5L5L#vL:V l065L4$$If!vh5L5L#vL:V l065L4$$If!vh5L5L#vL:V l065L4$$If!vh5L5L#vL:V l065L4$$If!vh5L5L#vL:V l065L4$$If!vh5L5L#vL:V l065L4$$If!vh5L5L#vL:V l065L4$$If!vh5L5L#vL:V l065L4$$If!vh5L5L#vL:V l065L4$$If!vh5L5L#vL:V l065L4@@@ NormalCJ_HaJmH sH tH :@: Heading 1$@&5\DA@D Default Paragraph FontVi@V  Table Normal :V 44 la (k@(No List Bb@B HTML CodeCJOJPJQJ^JaJ6U@6 Hyperlink >*B*phFV@F FollowedHyperlink >*B* phZ^@"Z Normal (Web)dd[$\$CJOJPJQJ^JaJBB@2B Body Text 7$8$H$ B*ph*W@A* Strong5\>OR> tbdd[$\$OJPJQJ^JDC@bD Body Text Indent h^h4@r4 %Header  !4 @4 %Footer  !.)@. % Page Number%zU<./fjkl  A 23? !,TUV^_op t :':ywxFG`FGn"#$QlmJK~@    - . A B !!! !%!&!8!=!>!P!V!W!`!!!!!!!!!" """"$"%"&"'"E"w""#^###G$$%f%g%%%%%%%%0P0000000000000000000000000000000000000 0 0 0 00 0 0 000000000000 0 000000p 0p 0p 0p0p00p00p0p0p0p0p0p0p0p0p0p0p0p0p0p0p0000p00p00p00p00p00p0 0 0 0 0 0 00 0 080 0p000p0p0p0p0h 0l 0h 0l 0h 0l 0h 0l 0h 0l 0h 0l 0h 0l 0h 0l 0h 0l 0h 0l 0h 0l 0h 0l 0h 0l 000p0p0h 0h 0l 0h 0h 0l 0h 0h 0l 0h 0h 0l 0h 0h 0l 0h 0h 0l 0h 0h 0l 0h 0h 0l 0h 0h 0l 0h 0h0h 0l 0h 0h 0l 000p 0'" 0'" 0'" 0'" 0'" 0'"  0'" 0'"  0'" 0 '" 0@0@0@0p@0]y00 L@00LUUuuux3 !j#%#(*uu"#%&.<2 T  %))))))**** +!+9+R++++ , ,cuu !$'()*+,-/0123456789;udnX QFj(H~%XXXXXXXXXXXXZaceprx! _Hlt24436648 _Hlt24436649%@@%-/9; : = B I  KT !!&!7!>!O!W!_!!!!!!!!"""L"U"~""g%%%g%%%3333333333f%g%%%%%%%%%%g%%% Ryan Hogan Ryan Hogan Ryan Hogan Ryan Hogan Ryan Hogan Ryan Hogan Ryan Hogan Ryan Hogan Ryan HoganJM267529.֧vApNI:>O\M]H;|#h2^`CJOJQJo(^`CJOJQJo(opp^p`CJOJQJo(@ @ ^@ `CJOJQJo(^`CJOJQJo(^`CJOJQJo(^`CJOJQJo(^`CJOJQJo(PP^P`CJOJQJo(h^`.h^`.hpLp^p`L.h@ @ ^@ `.h^`.hL^`L.h^`.h^`.hPLP^P`L.hh^h`B*CJOJQJo(ph88^8`CJOJQJo(o^`CJOJQJo(  ^ `CJOJQJo(  ^ `CJOJQJo(xx^x`CJOJQJo(HH^H`CJOJQJo(^`CJOJQJo(^`CJOJQJo(h hh^h`OJQJo(h 88^8`OJQJo(oh ^`OJQJo(h   ^ `OJQJo(h   ^ `OJQJo(oh xx^x`OJQJo(h HH^H`OJQJo(h ^`OJQJo(oh ^`OJQJo(^`CJOJQJo(^`CJOJQJo(opp^p`CJOJQJo(@ @ ^@ `CJOJQJo(^`CJOJQJo(^`CJOJQJo(^`CJOJQJo(^`CJOJQJo(PP^P`CJOJQJo(hhh^h`.h88^8`.hL^`L.h  ^ `.h  ^ `.hxLx^x`L.hHH^H`.h^`.hL^`L.9H;|]vA:>O."a|LB4>N4n @BܳlГ         4T@tu,XRL:%4Fx$4D         FlN`d\.z(1@X*D^|P         5% 23? !,TU    - . A B !!! !%!&!8!=!>!P!V!W!`!!!!!!!!!""""$"%"%@,,mGkk,,4$%@@@@8@@@UnknownG: Times New Roman5Symbol3& : ArialIArial Unicode MS?5 : Courier New;Wingdings"qh#1TableL;WordDocument4zSummaryInformation(jDocumentSummaryInformation8rCompObjj  FMicrosoft Word Document MSWordDocWord.Document.89qOh+'0 ,@ P\ x  QI password required when using a role or just when the role is granted to a user  pa Ryan Hoganryanyan Normal.dotrJM26752326Microsoft Word 10.0@Ik@I@8>՜.+,D՜.+,T hp  5Jefferson Wells International.CT%A QI password required when using a role or just when the role is granted to a user Title 8@ _PID_HLINKSAPH1J!4http://www.webopedia.com/Computer_Science/Databaseswf http://info.astrian.net/jargon/;{$http://www.auditnet.org/asapind.htm@2http://www.sans.org/newlook/digests/newsbites.htmXhttp://rr.sans.org/index.php;*http://www.orafaq.com/http://www.asktom.oracle.com/F Ahttp://otn.oracle.com/deploy/security/index2.htm?Info&alerts.htmgw 8http://otn.oracle.com/docs/deploy/security/content.htmlP)http://www.webopedia.com/TERM/D/DCE.htmli*#http://www.orafaq.com/faqdbase.htmLABEL;{$http://www.auditnet.org/asapind.htm2&P1h:p%/ =!"#$% 44 n8ʦK0ہ,Ccq?`aPNG  IHDR]WfWPLTE3f3333f333ff3fffff3f3f̙3f3333f3333333333f3333333f3f33ff3f3f3f3333f3333333f3̙333333f333ff3ffffff3f33f3ff3f3f3ffff3fffffffffff3fffffff3fff̙ffff3fffff3f̙3333f33̙3ff3ffff̙f3f̙3f̙̙3f̙3f3333f333ff3fffff̙̙3̙f̙̙̙3f̙3f3f3333f333ff3fffff3f3f̙3fez|bKGDH cmPPJCmp0712HsIDATx^]K۸( q&B&'VOzɤ=z+| ꯲N-y^ q}ݮCk ds(iI1r\zܴz慎ZUsyUhMSbA(oI8&%O{zT% Sޟ3p2ÔV4vT}ljn]׹ۑMS<*L_; "<mV}ɲj6Q,;Iy_EC}PdW$JI2CU~hT-UesoȻ_s0޶ :tV>R5څԸ)aåϺ>yнY*/议<]l˿7ok>[fj$}nf$$Gav[+~)Z,|mQ襕jVMK<5uvZ8.fuUUb,@J,I3}iѮ #'%jY ^-ӄRBk-ኳC^QŐ6h)>k]:o!%@W5M%fzq[Lja^>".p:d[Jkt3 *˂ n>iԙRm`+ lŻg'}lR4]6@-,oVcX49*]Ø kEtX/ClH{oH"ށٴ$}}L~?IߞRw+6'Ŵ5 TKKPfnd{(.ؼQ >'V6-6[dmAMUѺ*<*3[۱%7Aɟ޺U67 J"'sT^%QOJb]'ۈh=݀ 4$3f؇\JRvݵ1dAkp%L ~6<$t>Q JaKiS"[ɐ܎27Dw|0;#L͒/o6J9cHh1|-͒Zڸq ufK91 /!5\Gu A(Amr%-2C5԰V8^+MY\bB7hZаgS`Vf m|T4A>@0נ 6w- z(ĥa*CEDWQټ+!)㔠pkXsWT ?.:ZRU~B *4gT7j 䘔EJN)F W2U=%lt Y{,rW6?zibvoeIm9g`H ϓ4 q%hR+0qTVDij]]&G*3;Yh#?0oOe'_JU`s1|EiPI@?]c3>h$nj UzۼD+=%uq}G\qe}$x3]uMn%v!%^:=BWi:6%+ѳXD. e+@!m,V z>Ps2:,+6rߞ% [K˙ֱ쪹Ljnv-*Mvﰈjޜ#Bɱ N-xw2-`A8Uns2Cٵ|mjeLU9*s;暴o>x1-TإXDv)j^n4D}FA~jx7xT6Su ]VZOXq0)sk%gV>+:酜vKVxirsd,;^\ fCY3ߑ3 ˱e㌄= 0YBx_ f1qe o~w<)b_kfRvsȳsۖLFSWyNP.~@w$-e\;nvCԴʣ{ =Hƭ;"Mwʴ6YMy4:XihrhxP[rZFMn-*̔E 9b-G>Y?Cr. "4P_3t-N5N#tpn9@8&BŽL> q!lPxzߐ΢|'Yůbw̷b_t1Rq~9s>|k6WTKϏ4)3Gރ@ | 'S7ǢM]u> ~rhIY:&[C$#Z|G}2>,B ܹvM?l>B+Szy6ۇՔ(:S>|, MmvkslN4LU*zGԴՃV)8(:g#}x!a[kQ]D/\Z)V~|"EI#ev~hVA~*\}v2>ҋ] qJY4|Zv2};fx,1,**U:٘GCW=W]M\Rc/&1'%ɣE35ql!SC2On#=fK!k&-*c:R,hGTfՓ4F]Ӟͯl,@Z۷gp.E<ҋ)|,J5튀 \)G i_8F}OmJ*^ᑏe?ߧ]Q4wn/TfP avW1 dV|׮ؿϮtW-2^N//p"3Zgދ ws?Ta{YIy :Mlh!qd3-o&1k`9.8t-~l]F@u,o2o-F`zF?޲6nZtutze,;5qңI~"ۮ-3n o =@,*e|h}LN~-lGsܑѤ{+6:l2߼nAU;;&!M8͍}\j=P!.LxҰ6QưZjRE}2a=MÚIfC1q'~yWM-\Yz[\zQbG^+bSOXBWV=G2lp߾ sMXz|pwK6 lӿJ*ߣfvƖsq|é*27@-Ԁ p3feрݑ+֖V-pzEzl\Ks7y6JlC[M!:""(<,.d}hk|`|q P;<{<4sGM@VQ(\khQi?U T,N/B '[@ŠREwg!grQoO\lk)3b& ~\;Hb(&E5EW+nC]bdwsL Xkik/3Lz(}ޒ+J7 m{,у`<ig0|[XyW/@7C Q\@0SW;< $hϣ9Bİ k W:78F7 i b89'=R +`ND+TV]9 _m"mQ I_:Cr*yucQ޹v:h$eٍ pYA.X()zcN̂*,kfnRߠM3ӌ.x  *H#!@7әX%%ᥦꭖif)ip2LbI:һHu FA0oXK 塾!92M6[ ݌%'1&kx1&!4ʰtcǙ q|ttuiF[đIѣӊq)vk*zAe-ګ4"E~">٤^0tu=X?sԍIENDB`cuuuuuuuuuuzz$a$gd%$&dPa$gd5$a$gd% uuuuuuuuuuuuuu6z\zzzzzһһҩteNJhQP,hQP0J5CJOJQJ^JaJmHnHuhQP5CJOJQJ^JaJhQP5OJQJ^J)jhQP5OJQJU^JmHnHu h%hCJOJQJ^JaJh#h%h%5CJOJQJ^JaJ,h50J5CJOJQJ^JaJmHnHu0jh%h%0J5CJOJQJU^JaJ'h%h%0J5CJOJQJ^JaJ@@@ NormalCJ_HaJmH sH tH :@: Heading 1$@&5\DA@D Default Paragraph FontVi@V  Table Normal :V 44 la (k(No List Bb@B HTML CodeCJOJPJQJ^JaJ6U@6 Hyperlink >*B*phFV@F FollowedHyperlink >*B* phZ^@"Z Normal (Web)dd[$\$CJOJPJQJ^JaJBB@2B Body Text 7$8$H$ B*ph*W@A* Strong5\>OR> tbdd[$\$OJPJQJ^JDC@bD Body Text Indent h^h4@r4 %Header  !4 @4 %Footer  !.)@. % Page Number &zU<./fjkl  A 23? !,TUV^_op t :':ywxFG`FGn"#$QlmJK~@    - . A B !!! !%!&!8!=!>!P!V!W!`!!!!!!!!!" """"$"%"&"'"E"w""#^###G$$%f%g%%%%%% & &0P0000000000000000000000000000000000000 0 0 0 00 0 0 000000000000 0 000000p 0p 0p 0p0p00p00p0p0p0p0p0p0p0p0p0p0p0p0p0p0p0000p00p00p00p00p00p0 0 0 0 0 0 00 0 080 0p000p0p0p0p0h 0l 0h 0l 0h 0l 0h 0l 0h 0l 0h 0l 0h 0l 0h 0l 0h 0l 0h 0l 0h 0l 0h 0l 0h 0l 000p0p0h 0h 0l 0h 0h 0l 0h 0h 0l 0h 0h 0l 0h 0h 0l 0h 0h 0l 0h 0h 0l 0h 0h 0l 0h 0h 0l 0h 0h0h 0l 0h 0h 0l 000p 0'" 0'" 0'" 0'" 0'" 0'"  0'" 0'"  0'" 0 '" 0p@0@0@0p@0]y00 L@00/3 !j#%#(*uz"#%&.<2 T  %))))))**** +!+9+R++++ , ,cuz !$'()*+,-/0123456789;udnX QFj(H~ &XXXXXXXXXXXX!t  ,b$ʦK0ہ,Ccq?`a@|@ 0(  B S  ?(    c \A . logoxxDR`TDR`Tx"`$Q |@ _Hlt24436648 _Hlt24436649 &@@ &-/9; : = B I  KT !!&!7!>!O!W!_!!!!!!!!"""L"U"~""f%g%{%%%%%%& & &f%g%{%%%%%%& & &3333333333f%g%%%%%%%%& &g% & & Ryan Hogan Ryan Hogan Ryan Hogan Ryan Hogan Ryan Hogan Ryan Hogan Ryan Hogan Ryan Hogan Ryan HoganJM267529.֧vApNI:>O\M]H;|#h2^`CJOJQJo(^`CJOJQJo(opp^p`CJOJQJo(@ @ ^@ `CJOJQJo(^`CJOJQJo(^`CJOJQJo(^`CJOJQJo(^`CJOJQJo(PP^P`CJOJQJo(h^`.h^`.hpLp^p`L.h@ @ ^@ `.h^`.hL^`L.h^`.h^`.hPLP^P`L.hh^h`B*CJOJQJo(ph88^8`CJOJQJo(o^`CJOJQJo(  ^ `CJOJQJo(  ^ `CJOJQJo(xx^x`CJOJQJo(HH^H`CJOJQJo(^`CJOJQJo(^`CJOJQJo(h hh^h`OJQJo(h 88^8`OJQJo(oh ^`OJQJo(h   ^ `OJQJo(h   ^ `OJQJo(oh xx^x`OJQJo(h HH^H`OJQJo(h ^`OJQJo(oh ^`OJQJo(^`CJOJQJo(^`CJOJQJo(opp^p`CJOJQJo(@ @ ^@ `CJOJQJo(^`CJOJQJo(^`CJOJQJo(^`CJOJQJo(^`CJOJQJo(PP^P`CJOJQJo(hhh^h`.h88^8`.hL^`L.h  ^ `.h  ^ `.hxLx^x`L.hHH^H`.h^`.hL^`L.9H;|]vA:>O."a|LB4>N4n @BܳlГ         4T@tu,XRL:%4Fx$4D         FlN`d\.z(1@X*D^|P         QP5% 23? !,TU    - . A B !!! !%!&!8!=!>!P!V!W!`!!!!!!!!!""""$"%" &@8Sjh $a$gdQP$f%g%h%{%%%%%%%%%&&& & & &0@108@0@0@14z16z1@0@1\z0@0n@1p@1z1@1@1z1@0@0z0@UnknownGz Times New Roman5Symbol3& z ArialIArial Unicode MS?5 z Courier New;Wingdings"1h#'9"""""""'9"" D:v%v%v%"" " 9v%"9v%v%f&5|""}6  pdu>2$56\Z:0:5D?$pD?$}666""""D?"}6(""v%"""""'9'966d`%66Root Entry Fpdu> Data >1TableL;WordDocument@  !"#$%&'()*+,-./0123456789:?@ABCDEFGHIJKMNOPQRSTUVWXYZ[\]^_`abcdefghiSummaryInformation(DocumentSummaryInformation8 0CompObjj0Tableh?  !"#$%&'()*326Microsoft Word 10.0@Ik@I@8>՜.+,D՜.+,T hp  5Jefferson Wells International.CT%A QI password required when using a role or just when the role is granted to a user   FMicrosoft Word Document MSWordDocWord.Document.89qOh+'0 ,@ P\ x  QI password required when using a role or just when the role is granted to a user  pa Ryan Hoganryanyan Normal.dotrJM26752Title 8@ _PID_HLINKSAPH1J!4http://www.webopedia.com/Computer_Science/Databaseswf http://info.astrian.net/jargon/;{$http://www.auditnet.org/asapind.htm@2http://www.sans.org/newlook/digests/newsbites.htmXhttp://rr.sans.org/index.php;*http://www.orafaq.com/http://www.asktom.oracle.com/F Ahttp://otn.oracle.com/deploy/security/index2.htm?Info&alerts.htmgw 8http://otn.oracle.com/docs/deploy/security/content.htmlP)http://www.webopedia.com/TERM/D/DCE.htmli*#http://www.orafaq.com/faqdbase.htmLABEL;{$http://www.auditnet.org/asapind.htm