Merge remote-tracking branch 'upstream/main'

accessgovernance-oci-iam/connect-oci-iam/connect-oci-iam.md

@@ -45,13 +45,20 @@ In this lab, you will:
 
   ![Select OCI](images/select-oci-iam-system.png)
 
-6. Enter name  and description of the orchestrated system, and then click **Next.**
+6. Click on Next. Enter name  and description of the orchestrated system, and then click **Next.**
 
   Name: OCI-IAM
 
   Description: OCI-IAM
 
-  ![OCI Enter details](images/enter-oci-system-name.png)
+  ![OCI Enter details](images/oci-the-system.png)
+
+7. Under **Add owners** , select a primary owner and add any additional owners. 
+
+  **Who is the primary owner:** Pamela Green
+
+  Click Next
+
 
 7. To obtain the fingerprint of OCI user (agcs-user). Open a **new private browser window** and login to the OCI console **Default Domain** as the **Domain Administrator** .
 
@@ -112,9 +119,11 @@ In this lab, you will:
 
   **What is the OCI tenancy's home region?**: Enter the home region for the target OCI tenancy, using the region identifier noted down from the previous step.
 
+  **Which domain names should be included**: If nothing is selected, all the domains will be included. 
+
   Click on **Add**
 
-  ![OCI Enter details](images/details-entered.png)
+  ![OCI Enter details](images/configure-connected-system.png)
 
   Choose the option **Customize before enabling the system for data loads**. Click on **I'm done** 
 
@@ -164,4 +173,4 @@ In this lab, you will:
 
 ## Acknowledgements
 * **Authors** - Anuj Tripathi, Indira Balasundaram, Anbu Anbarasu 
-* **Last Updated By/Date** - Anbu Anbarasu, May 2023
+* **Last Updated By/Date** - Indira Balasundaram, Nov 2024

accessgovernance-oci-iam/instance-setup/ag-instance-setup.md

@@ -80,10 +80,10 @@ Login to the OCI console using the Identity domain: ag-domain as the **Identity
       ![OIG Identity Roles and Access Policies](images/aguser.png)
 
 
-    *  Click on *Assigned Users -> Manage*. Select *Mark Hernandez, Jerry Poland and Harlan Bullard* in *Available Users.* Click on *Assign*
+    *  Click on *Assigned Users -> Manage*. Select *Mark Hernandez, Jerry Poland, Harlan Bullard, Jose Walker, John Smith and David Brown* in *Available Users.* Click on *Assign*
 
 
-    * Mark Hernandez, Jerry Poland and Harlan Bullard have now been assigned with the *AG User* application role. You can now close the window.
+    * Mark Hernandez, Jerry Poland, Harlan Bullard, Jose Walker, John Smith and David Brown have now been assigned with the *AG User* application role. You can now close the window.
 
 
     You may now **proceed to the next lab.**
@@ -98,4 +98,4 @@ Login to the OCI console using the Identity domain: ag-domain as the **Identity
 ## Acknowledgments
 * **Authors** - Anuj Tripathi, Indira Balasundaram, Anbu Anbarasu 
 * **Contributors** - Edward Lu
-* **Last Updated By/Date** - Indira Balasundaram , Sept 2024
+* **Last Updated By/Date** - Indira Balasundaram , Nov 2024

accessgovernance-oci-iam/perform-policy-review/perform-policy-review.md

@@ -79,10 +79,10 @@ In this lab, you will:
 
     **Usecase 1:**  Revoke policy statement from a policy - **auditors-policy**
 
-      - Let’s revoke the policy statement **Allow group Auditors to read audit-events in compartment Quality-Assurance** from the policy  **auditors-policy**. 
+      - Let’s revoke the policy statement **Allow group Auditors to read audit-events in ag-compartment** from the policy  **auditors-policy**. 
 
 
-      - Click on the cross button under Actions column for the policy statement **Allow group Auditors to read audit-events in compartment Quality-Assurance**
+      - Click on the cross button under Actions column for the policy statement **Allow group Auditors to read audit-events in ag-compartment**
 
       ![Access Governance Homepage](images/revoke-auditor-policy.png)
 
@@ -152,4 +152,4 @@ In this lab, you will:
 
 ## Acknowledgements
 * **Authors** - Anuj Tripathi, Indira Balasundaram, Anbu Anbarasu 
-* **Last Updated By/Date** - Indira Balasundaram , Sept 2024
+* **Last Updated By/Date** - Indira Balasundaram , Nov 2024

database/advanced/intro/intro-data-masking-subsetting.md

@@ -13,7 +13,7 @@ Now, you no longer need important resources on your PC (storage, CPU or memory),
 ### Components
 The complete architecture of the **DB Security Hands-On Labs** is as following:
 
-  ![DBSec LiveLabs Archi](./images/dbseclab-archi.png "DBSec LiveLabs Archi")
+  ![DBSec LiveLabs Archi](./images/dbseclab-archi01.png "DBSec LiveLabs Archi")
 
 It's composed of 5 VMs:
   - **DBSec-Lab VM** (mandatory for all workshops: Baseline and Advanced workshops)

database/advanced/workshops/freetier-data-masking-subsetting-TTT24/manifest.json

@@ -30,7 +30,7 @@
       "title": "Lab 3: Data Masking and Subsetting (DMS)",
       "description": "In this lab you can see how to leverage Oracle Data Masking and Subsetting (DMS)",
       "publisheddate": "10/20/2020",
-      "filename": "../../data-masking-subsetting-TTT24/data-masking-subsetting.md"
+      "filename": "../../data-masking-subsetting-ttt24/data-masking-subsetting.md"
     },
     {
       "title": "Need Help?",

database/advanced/workshops/livelabs-data-masking-subsetting-TTT24/manifest.json

@@ -17,7 +17,7 @@
       "title": "Lab 2: Data Masking and Subsetting (DMS)",
       "description": "In this lab you can see how to leverage Oracle Data Masking and Subsetting (DMS)",
       "publisheddate": "10/20/2020",
-      "filename": "../../data-masking-subsetting/data-masking-subsetting.md"
+      "filename": "../../data-masking-subsetting-ttt24/data-masking-subsetting.md"
     },
     {
       "title": "Need Help?",

database/baseline/priv-analysis/priv-analysis.md

@@ -37,15 +37,15 @@ This lab assumes you have:
     <copy>sudo su - oracle</copy>
     ````
 
-    **Note**: Only **if you are using a remote desktop session**, just double-click on the Terminal icon on the desktop to launch a session directly as oracle, so, in that case **you don't need to execute this command**!
+    **Note**: Only **if you are using a remote desktop session**, just double-click on the Terminal icon on the desktop to launch a session directly as oracle. In that case, **you do not need to execute this command**!
 
 2. Go to the scripts directory
 
     ````
     <copy>cd $DBSEC_LABS/priv-analysis</copy>
     ````
 
-3. Start by ensuring the user has the "`CAPTURE_ADMIN`" role and creating the Privilege Analysis capture
+3. Start by ensuring the user has the **CAPTURE_ADMIN** role and creating the Privilege Analysis capture
 
     ````
     <copy>./pa_create_capture.sh</copy>
@@ -81,7 +81,7 @@ This lab assumes you have:
 
 ## Task 2: Analyze the workload captured
 
-1.  Generating the report
+1.  Generate the report using the following script
 
     ````
     <copy>./pa_generate_report.sh</copy>
@@ -90,10 +90,10 @@ This lab assumes you have:
     ![Privilege Analysis](./images/pa-005.png "Generate the report")
 
     **Note**:
-    - It takes all of the privileges and roles that were identified as used during the capture and compares it to the roles and privileges granted to each user
-    - It may take a few minutes to generate depending on the volume to be processed
+    - It takes all of the privileges and roles that were identified as used during the capture, then compares it to the roles and privileges granted to each user
+    - It may take a few minutes to generate depending on the volume that needs to be processed
 
-2. Next, view the report results by querying the views associated with the capture output
+2. Next, view the report results by querying the views associated with the capture output with the following script
 
     ````
     <copy>./pa_review_report.sh</copy>
@@ -106,11 +106,10 @@ This lab assumes you have:
     - This step is essential to better understand what happened on your database during this period in order to determine if your users are using their own privileges correctly or if you need to revoke some non-essential ones to avoid any risk of abuse, especially during an identity theft
     - Note that you can run this Privilege Analysis task as many times as necessary... in fact, **it is strongly recommended to do it as often as possible** to always stay in control of your users' activity rights and avoid any privilege elevation attempt by potential attackers
 
-3. Now, open the DB Admin Console (OEM Cloud Control) to view the same report but in a better way
-
+3. Now, open the DB Admin Console (OEM Cloud Control) to view the same report through Enterprise Manager
     - Open a Web Browser at the URL *`https://dbsec-lab:7803/em`*
 
-        **Notes:** If you are not using the remote desktop you can also access this page by going to *`https://<YOUR_DBSEC-LAB_VM_PUBLIC_IP>:7803/em`*
+        **Note:** If you are not using the remote desktop you can also access this page by going to *`https://<YOUR_DBSEC-LAB_VM_PUBLIC_IP>:7803/em`*
 
     - Login to Oracle Enterprise Manager 13c Console as *`SYSMAN`* with the password "*`Oracle123`*"
 
@@ -210,12 +209,12 @@ You can create different types of privilege analysis policies to achieve specifi
 
 ## Want to Learn More?
 Technical Documentation:
-- [Oracle Privilege Analysis 19c](https://docs.oracle.com/en/database/oracle/oracle-database/19/dbseg/performing-privilege-analysis-find-privilege-use.html#GUID-44CB644B-7B59-4B3B-B375-9F9B96F60186)
+- [Oracle Privilege Analysis Release 23](https://docs.oracle.com/en/database/oracle/oracle-database/23/dbseg/performing-privilege-analysis-identify-privilege-use.html#GUID-44CB644B-7B59-4B3B-B375-9F9B96F60186)
 
 Video:
 - *Understanding Privilege Analysis (January 2019)* [](youtube:3oRODVtWwbg)
 
 ## Acknowledgements
 - **Author** - Hakim Loumi, Database Security PM
 - **Contributors** - Richard Evans
-- **Last Updated By/Date** - Hakim Loumi, Database Security PM - May 2024
+- **Last Updated By/Date** - Ethan Shmargad, Database Security PM - November 2024

database/common/init-start-env/init-start-env.md

@@ -16,7 +16,7 @@ This lab assumes you have:
     - Lab: Prepare Setup 
     - Lab: Environment Setup
 
-## Task 1: Validate That Required Processes are Up and Running.
+## Task 1: Validate That Required Processes are Up and Running
 
 **Note:** All screenshots for SSH terminal type tasks featured throughout this workshop were captured using the *MobaXterm* SSH Client as described in this step. As a result when executing such tasks from within the graphical remote desktop session, skip steps requiring you to login as user *oracle* using *sudo su - oracle*, the reason being that the remote desktop session is under user *oracle*.
 
@@ -107,7 +107,7 @@ This lab assumes you have:
 You may now **proceed to the next lab**.
 
 <!--
-## Task 2 - Set Glassfish to use pdb1 database in the dbseclab VM
+Task 2 - Set Glassfish to use pdb1 database in the dbseclab VM
 
 Here, we will modify the default Glassfish connection to target an Oracle Database 19c, so we can monitor, and block, SQL commands
 
@@ -165,7 +165,7 @@ Here, we will modify the default Glassfish connection to target an Oracle Databa
 
 You may now **proceed to the next lab**.
 
-## Appendix 1: Managing Startup Services
+Appendix 1: Managing Startup Services
 
 1. Database services (All databases and Standard Listener)