The Multifunctioning DBA

Feb 18 2010   8:25PM GMT

70-443 Chapter 3



Posted by: Colin Smith
Tags:
70-443
Certification
Education
Training

Chapter 3 was all about designing SQL Server Security in the enterprise. Again something that I need to start digging into and fixing in my environment. Should be fun though.

This chapter talked alot about Domain Level Group Policy as well as Local Group Policies. Using GP in order to force password requirments on SQL Logins. Also not to allow exceptions unless you haveĀ a real business need to do so, and even them keep them as minimal as possible. It talked about securing from attacks. Make sure that you have AV installed and running and update the DAT files. Do not let the SQL Database face the internet. Put it in a DMZ and let the web server face the public but do not let them interact with the SQL Server. In order to minimize SQL Injection do not use Dynamic SQL, Verify the input, and do not run services with high level accounts.

The next section talks about SQL Server Security at the instance, and database levels. Logins and Users and the Instance Roles that a login can be a part of and the database level roles that a user can be a part of. The different types of authentication that SQL server can use. Window or Mixed Mode.

That is a braod overview of chapter 3 and if you do not think that you know all there is to know about this stuff then read it. I am sure that I will again.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: