Ugh, not this domain again!  Haha, sorry I just can’t stand Domain 8 sometimes.  I’m more of a firewall engineer, and not so much a dev guy. 

But, you gotta know if you wanna become a CISSP!

Relational databases rely on structured relationships between tables. These relationships are controlled through database keys.

Just know the definition of the three types of keys below, taking note that the PRIMARY one is the most important. 

For CISSP candidates, understanding keys is important because they protect data integrity and relational structure inside a database.

Think of keys as the rules that keep data organized and connected. Without them, tables would become chaotic collections of records with no reliable way to link information together.

There are three key types you should understand for the CISSP exam.

Primary Key

A primary key uniquely identifies every record in a table.  You MUST have a primary key in every database.

Common examples include Customer ID, Employee ID, or even a Social Security Number.

Each table has only one primary key, and that value must always be unique.

This is what enforces entity integrity – core CISSP concept. Every row in the table must be distinguishable from every other row.

Without a primary key, you would have no reliable way to identify a specific record.

Makes sense right?

Imagine trying to manage a database of employees where multiple rows could represent the same person with no unique identifier. It would quickly become impossible to manage.

This is why primary keys exist!

Foreign Key

A foreign key connects one table to another.

It references the primary key in a different table, creating the relationship that relational databases are built on.

For example, imagine a Customer table where CustomerID is the primary key.

Now imagine an Orders table that contains a CustomerID column.

That CustomerID inside the Orders table is a foreign key because it points back to the Customer table.

This relationship ensures that every order is connected to a valid customer.

Foreign keys enforce referential integrity, meaning the database prevents relationships that do not make sense.

For example, you cannot create an order for a customer that does not exist.

Candidate Key

A candidate key is any column or combination of columns that could uniquely identify a record. A table can have several candidate keys, but only one of them is ultimately selected to become the primary key. Think of candidate keys as possible identifiers, while the primary key is the chosen identifier.

For example, an employee table might have these possible unique identifiers:

Employee IDEmail AddressGovernment ID number

Each of those could potentially identify the employee uniquely. That means they are all candidate keys.

But once the database designer selects Employee ID as the official identifier, it becomes the primary key.

Attention: CISSP Students

For the CISSP exam, database questions can be tough to deal with because you have to remember the general concept of the keys.

You gotta know how relational structures enforce data integrity.

Primary keys guarantee unique records.

Foreign keys enforce relationships between tables.

Candidate keys represent potential identifiers before one is chosen as the primary key.

Understanding these relationships helps security professionals evaluate how data is structured, protected, and trusted inside an application.

And when it comes to protecting data, integrity of course matters!