Options

A few questions I haven't been able to find..

/usr/usr Member Posts: 1,768
in Security+
I just have a few questions that I haven't been able to find the answers to.

Does S/MIME automaticaly encrypt outgoing mail or encrypt messages/files?

What is the SQL Security model? I haven't been able to find what I'm looking for in any links.
· Share on FacebookShare on Twitter

Comments

  • Options
    Ricka182Ricka182 Member Posts: 3,359
    I don't know much about Security, but.....this may help....

    http://www.developer.com/tech/article.php/721441

    http://www.sqlsecurity.com/DesktopDefault.aspx
    i remain, he who remains to be....
    · Share on FacebookShare on Twitter
  • Options
    /usr/usr Member Posts: 1,768
    So...is it objects, access, and users?
    · Share on FacebookShare on Twitter
  • Options
    xeviousxevious Member Posts: 59 ■■□□□□□□□□
    S/MIME

    I can share how it works from my experience using it just to give you some practical knowledge. My client is ms outlook 2003.

    I have a digital ID from verisign (trusted CA) and use it to sign all my e-mails. This satisfies non-repudiation so the recipient knows the e-mail truly originated from me.

    The recipient receives my digitally signed e-mail and adds me to his contacts which includes attaching my digital cert. At this point, he has the option of encrypting messages addressed to me.

    Not sure how to answer your question about s/mime automatically encrypting outgoing messages. If I select a couple of check-boxes in my outlook client - it will always attempt to encrypt outgoing messages. Outlook will first verify if I have the recipient's cert. If not, it'll complain that I can't encrypt the message and will go out as clear text.

    If your question was worded as 'Can outgoing e-mails be automated to encrypt messages using s/MIME?' I would say sure.

    Wow, I'm getting flashbacks about the sec+ exam in the way questions were somewhat wordy. :D

    Good luck!

    -Xevious
    · Share on FacebookShare on Twitter
  • Options
    PSUalumPSUalum Member Posts: 16 ■□□□□□□□□□
    I'm planning to sit the Sec+ exam myself shortly. I have been watching several Sec+ forum posts for the past month and a half. I've been researching every subject matter that others have seen questions on, but that many authors fail to include in their publications.

    Your same question has been asked in a few posts, so it caught my attention, especially since I have not seen any book discuss it. Some go into a little spin about database security, but not a bloomin' thing is mentioned about the model SQL uses.

    It took a bit of digging around at several sites, but according to the sources I found, it seems the SQL Security Model uses Discrestionary Access Control based on......Users, Objects and Actions.

    Users: Consisting of user authentication at the time of login.
    Objects: Consisting of Tables, Views and Columns.
    Actions: Consisting of SELECT, UPDATE, INSERT and DELETE commands.

    Hope this helps.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.