Here’s a practice task and a short quiz on Database Security Basics to reinforce Part 11’s concepts.
๐ This is based on Part 11: Database Security Basics. If you haven’t read it yet, check that out first.
๐งช Practice Task: Setting Up User Roles and Permissions
๐ฏ Objective:
Create users with specific roles and test their access permissions in both SQL and MongoDB.
๐น Part A: SQL Practice
-
Create two users:
-
reader_userwith permission to only read data from a database namedSchoolDB. -
editor_userwith permission to read and write data on the same database.
-
Test the permissions by running SELECT queries as both users, and attempt to insert data as
reader_user(which should fail).
๐น Part B: MongoDB Practice
-
Create two users in the
librarydatabase:
-
readUserwith read-only access. -
writeUserwith read and write access.
-
Using the Mongo shell or your MongoDB client, test that:
-
readUsercan query data but cannot insert or update. -
writeUsercan both query and modify data.
❓ Quiz: Quick Security Check
-
What SQL command is used to grant specific privileges to a user?
a) CREATE USER
b) GRANT
c) REVOKE
d) ALTER USER -
In MongoDB, which role allows both reading and writing to a database?
a) read
b) readWrite
c) dbAdmin
d) clusterAdmin -
What is the main purpose of encryption in databases?
a) Speed up queries
b) Protect data confidentiality
c) Organize data in tables
d) Backup data automatically -
Which security principle suggests giving users only the permissions they need?
a) Principle of least privilege
b) Separation of duties
c) Data masking
d) Role hierarchies
Next: answer key and explanations for this quiz