The Multifunctioning DBA » 70-443

70-443 Chapter 4

Colin Smith — Fri, 19 Feb 2010 10:30:46 +0000

More security and some repeat of chapter 3. This is good though, they really hammered home to make sure that you are using AV, Strong Passwords, and things like that from Chapter 3. New information about NTLM and Kerberos Authentication, Certificates for encryption, and a lot of great information about service accounts best practices. The big things with service accounts are to not use the local system account as it is a admin on the box and you do not really need that. Use domain accounts that have as little permission as they need to do the job. It also talked about the groups that are created that are set with those permissions, on the local machine at least. If you need your SQL Agent to access data in a file share then you will need to make sure that the domain account you are using to get at that data actually does have access to that data.

Great information about using firewalls to block traffic on TCP1433 and UDP1434 from the internet. Also about removing protocols that you do not need like Netbios and SMB.

Again if you do not know everything about all I just mentioned. Read that chapter. I know I will again.

70-443 Chapter 3

Colin Smith — Thu, 18 Feb 2010 20:25:39 +0000

Chapter 3 was all about designing SQL Server Security in the enterprise. Again something that I need to start digging into and fixing in my environment. Should be fun though.

This chapter talked alot about Domain Level Group Policy as well as Local Group Policies. Using GP in order to force password requirments on SQL Logins. Also not to allow exceptions unless you have a real business need to do so, and even them keep them as minimal as possible. It talked about securing from attacks. Make sure that you have AV installed and running and update the DAT files. Do not let the SQL Database face the internet. Put it in a DMZ and let the web server face the public but do not let them interact with the SQL Server. In order to minimize SQL Injection do not use Dynamic SQL, Verify the input, and do not run services with high level accounts.

The next section talks about SQL Server Security at the instance, and database levels. Logins and Users and the Instance Roles that a login can be a part of and the database level roles that a user can be a part of. The different types of authentication that SQL server can use. Window or Mixed Mode.

That is a braod overview of chapter 3 and if you do not think that you know all there is to know about this stuff then read it. I am sure that I will again.

70-443 Chapter 2

Colin Smith — Sat, 13 Feb 2010 08:00:39 +0000

This chapter is all about cosolidation and multiple instances. Not a very long chapter but a great read. I have to say that this cleard up some misconceptions on my part and I really enjoyed the chapter. This chapter talks about instance design and consolidation strategy. I must say that I was a firm believer in one instance per appliction. This works great for keeping things seperate and that way I can give a named instance to each application. Easy to know what instance I need to look at when the application team calls with an issue. This however is not so great when you think about the resources on the server. You can install multiple instances on one server in order to condolidate hardware but at what cost. Each instance needs its own resources and unless you need to have seperation for security purposes it may make more sense to host multiple application Databases on on instance. You will be able to save resources and have more applications running from less servers. This will save a ton of money in hardware and software licensing. You still need to know what each database is doing so you can make sure not to overload the server. remember that you have DISK IO, Memory and other things that will come into play. For instance, each connection to the instance will take about 500 KB of Ram. The more databases that your instance is hosting, the more connections you will have and the more RAM you will be using. Make sure to take all that into consideration when doing your consolidation or instance design.

70-443 Format

Colin Smith — Wed, 10 Feb 2010 00:51:46 +0000

The 70-443 book also outlines what to expect on the exam. I think that this is great. After completing the first chapter, and loving it, I am excited about reading about the exam. It seems that this test will be a more engaging test than the first was. This test will have a five page outline of a case and then about 10 questions to answer about each case. This seems way more real world and less just memory and selecting the correct answer. It will be more like the real world and that is awesome. I am really looking forward to digging into this book and getting this test done. Now that I am the only SQL Server guy for my company, it is more meaningful to me. Not sure if that is a good thing or a bad thing but that is how it is. Now that I am the guy that is going to be fixing our existing systems and defining how things should be in the future I am very excited to do it correctly.

70-443 Chapter 1

Colin Smith — Tue, 09 Feb 2010 00:13:22 +0000

I will be giving a summary of most of the sections of each chapter. Not all information will be in the summary but the things that I think are most important will be included in my summary. Keep in mind that if you are studing for these certificates that you should go get the book and do the work. It will pay off for you. These are just some of the highlights.

Planning a database server infrastructure

Server sizing can be done in a couple of ways and it really depends on the situation that you are in. Server Sizing refers to more than just the size of the database. This includes the hardware of the server. Procs, Network, Disk, Memory…etc. If you are lucky and you are looking to replace an existing server, or you have the money to build a full test server and perform realistic load tests, then you can gather performance data and baselines to help make your decisions. If you are not so lucky then you will want to do interviews with Management and perhaps the support team of the app that the database server will be supporting. If this is a third party application then hopefully they have done the due diligence and can give good guidelines on what hardware you will need and what type of load and growth to expect out of an organization of your size.

I think that I liked the section on disk the most. It talks about different types of disk, SCSI, SATA, and so forth. It also talks about disk configuration and describes why certain raid levels are better than others depending on what your database transactions look like. I found it very interesting that a RAID 10 was the best for writes and reads and that a RAID 5 was so bad for reads. That is going to make me re-think the way that just about all my servers are set up.