What are the steps you will take, if you are tasked with
securing an SQL Server?
Answer Posted / sandeep
Again this is another open ended question. Here are some
things you could talk about: Preferring NT authentication,
using server, databse and application roles to control
access to the data, securing the physical database files
using NTFS permissions, using an unguessable SA password,
restricting physical access to the SQL Server, renaming the
Administrator account on the SQL Server computer, disabling
the Guest account, enabling auditing, using multiprotocol
encryption, setting up SSL, setting up firewalls, isolating
SQL Server from the web server etc.
Read the white paper on SQL Server security from Microsoft
website. Also check out My SQL Server security best practices
Is This Answer Correct ? | 3 Yes | 1 No |
Post New Answer View All Answers
Define the SGA and: How you would configure SGA for a mid-sized OLTP environment? What is involved in tuning the SGA?
how can you process messages in order asynchronously?
What is the difference between the 2 operating modes of database mirroring? : sql server DBA
Can you redefine a table online?
How to craeate the New Database Schema in Oracle and mysql? Please tell me with Example?
. I have my backup RMAN script called "backup_rman.sh". I am on the target database. My catalog username/password is rman/rman. My catalog db is called rman. How would you run this shell script from the o/s such that it would run as a background process?
what is grd?
What are the different types of database compression introduced in sql server 2008? : sql server DBA
Why would you use sql agent? : sql server DBA
What happens on checkpoint? : sql server DBA
You have found corruption in a tablespace that contains static tables that are part of a database that is in NOARCHIVE log mode. How would you restore the tablespace without losing new data in the other tablespaces?
What are the commands you'd issue to show the explain plan for "select * from dual"?
Provide an example of a shell script which logs into SQLPLUS as SYS, determines the current date, changes the date format to include minutes & seconds, issues a drop table command, displays the date again, and finally exits.
how can you initialize log miner?
What is transparent data encryption? : sql server DBA