Chapter 3 • Configuring SQL Server 2008
Self Test Quick Answer Key
1. D
2. A
3. C
4. A and C
5. D
6. B
7. D
8. A
9. C
10. A and C
11. B and C
12. B
13. A
14. C
15. B
16. C
17. A
18. B
19. C
20. A
Chapter 4
Managing Security
MCTS SQL Server 2008 Exam 432

Exam objectives in this chapter:
    Principals
    Roles
    The “Principle of Least Privilege”
    Users
    Schemas
    Permissions
    Auditing
    The SQL Server Configuration Manager
    Security and SQL Agent

Exam objectives review:
    • Summary of Exam Objectives
    • Exam Objectives Fast Track
    • Exam Objectives Frequently Asked Questions
    • Self Test
    • Self Test Quick Answer Key
Introduction
Security is an often overlooked factor when designing an application. In this chapter,
all aspects of security will be discussed.
Logins and users will be covered, as well as SQL Server 2008’s built-in roles.
Some new features are available for policy management.
This chapter will also review user roles and schemas, as well as the pros and cons
of granting access to objects. The tradeoff between more granular and less
granular security will be discussed.
SQL Authentication will be covered in great detail, along with the pros and
cons of each authentication method.
The SQL Server Surface Area Configuration tool will be covered, as well as
the provisioning of the accounts used for SQL Server services.
Principals
As we begin to look at SQL Server 2008 security management, a good place to
start is to define what SQL Server considers a principal. Principals are entities
that can request SQL Server resources, and the scope of their influence depends on
the scope at which the principal is defined: Windows-level principals have a Windows
permission scope, SQL Server-level principals have server-level permissions, and
database-level principals have database-level permissions. A security identifier (SID)
is assigned to every principal. The following shows the hierarchy of SQL Server
2008 principals and how logins and database users can be mapped to security
objects. Fixed server and database roles are not shown here but are discussed in
the next section.
Test Day Tip
Make sure that you are familiar with this hierarchy and how the
principals can be mapped.
Windows-level principals
    Windows domain login
    Windows local login
    Windows group
SQL Server-level principals
    SQL Server login
    SQL Server login mapped to a Windows login
    SQL Server login mapped to a certificate
    SQL Server login mapped to an asymmetric key
Database-level principals
    Database user
    Database user mapped to SQL Server login
    Database user mapped to a Windows login
    Database user mapped to a certificate
    Database user mapped to an asymmetric key
    Database role
    Application role
    Public role
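The mapping described above, worked through in T-SQL as an added example (this is not code from the book): one principal is created at each level, the database users are mapped to the logins, and the mapping is then read back through the SID that every principal carries. The domain name CONTOSO, the database AppDb, the login and user names, and the placeholder password are all assumptions.

```sql
-- Added example, not from the book: one principal at each level, the
-- login/user mapping, and how to inspect it via the SID.
-- CONTOSO, AppDb and all principal names are placeholders.
USE master;
GO
-- Windows-level principal surfaced as a SQL Server-level login
CREATE LOGIN [CONTOSO\alice] FROM WINDOWS WITH DEFAULT_DATABASE = [AppDb];
-- SQL Server-level principal authenticated by SQL Server itself
CREATE LOGIN app_svc WITH PASSWORD = 'Placeholder-Change-Me-1!',
    CHECK_POLICY = ON, CHECK_EXPIRATION = ON;
-- SQL Server-level principal mapped to a certificate (no password; such a
-- login carries permissions for signed modules rather than connecting)
CREATE CERTIFICATE SigningCert WITH SUBJECT = 'Module signing (placeholder)';
CREATE LOGIN SigningCertLogin FROM CERTIFICATE SigningCert;
GO
USE AppDb;
GO
-- Database-level principals mapped to the logins above
CREATE USER alice FOR LOGIN [CONTOSO\alice];
CREATE USER app_svc FOR LOGIN app_svc;
GO
-- The login/user mapping is a SID match between the two catalog views.
SELECT dp.name AS db_user, dp.type_desc AS user_type,
       sp.name AS mapped_login, sp.type_desc AS login_type
FROM sys.database_principals AS dp
LEFT JOIN sys.server_principals AS sp ON sp.sid = dp.sid
WHERE dp.type IN ('S', 'U', 'G', 'C', 'K')  -- SQL user, Windows user/group, cert, key
  AND dp.principal_id > 4;                  -- skip dbo, guest, INFORMATION_SCHEMA, sys
GO
-- Orphaned users (a user whose SID matches no login) keep their permissions
-- but can no longer be used to connect; they should be reviewed and mapped or dropped.
SELECT dp.name AS orphaned_user
FROM sys.database_principals AS dp
LEFT JOIN sys.server_principals AS sp ON sp.sid = dp.sid
WHERE dp.type IN ('S', 'U', 'G') AND dp.principal_id > 4 AND sp.sid IS NULL;
```

The certificate-mapped login is created in master because that is where certificate and asymmetric-key logins must live; the second query is the routine check for users left behind after a database is restored onto another instance.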
The hierarchy of securable objects in SQL Server 2008 is as follows:
Server
    Database
    Endpoint
    Remote Binding
    Route
    SQL Server Login
Database
    Application Role
    Assembly
    Asymmetric Key
    Certificate
    Database User
    Fixed Database Role
    Full-Text Catalog
    Message Type
    Service
    Service Contract
    Symmetric Key
    Schema
Schema
    Default
    Function
    Procedure
    Query Stats
    Queue
    Rule
    Synonym
    Table
    Trigger
    Type
    View
    XML Schema Collection
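Permissions attach to the level of this hierarchy that is named in the grant, so the scope of a grant follows the securable's position. The following added example (not code from the book) grants at the server, schema, and object level, then lists what was granted and checks the effective result as each user. The database AppDb, the Sales schema and its tables, and the two principals with their placeholder passwords are assumptions.

```sql
-- Added example, not from the book: the same permission granted at
-- different levels of the securable hierarchy, and how scope differs.
-- AppDb, Sales, the tables and the principals are placeholders.
USE AppDb;
GO
CREATE LOGIN schema_reader WITH PASSWORD = 'Placeholder-Change-Me-2!';
CREATE LOGIN order_reader  WITH PASSWORD = 'Placeholder-Change-Me-3!';
CREATE USER schema_reader FOR LOGIN schema_reader;
CREATE USER order_reader  FOR LOGIN order_reader;
GO
CREATE SCHEMA Sales AUTHORIZATION dbo;
GO
CREATE TABLE Sales.Orders  (OrderId int PRIMARY KEY, Amount money NOT NULL);
CREATE TABLE Sales.Payroll (EmployeeId int PRIMARY KEY, Salary money NOT NULL);
GO
-- Schema-scoped grant: covers every object in Sales, present and future.
GRANT SELECT ON SCHEMA::Sales TO schema_reader;
-- Object-scoped grant: covers only Sales.Orders.
GRANT SELECT ON OBJECT::Sales.Orders TO order_reader;
GO
-- Server-scoped permission goes to the login (server principal), not the user.
USE master;
GRANT VIEW SERVER STATE TO order_reader;
USE AppDb;
GO
-- What was granted, and at which class of the hierarchy it sits
SELECT pr.name AS grantee, pe.class_desc, pe.permission_name, pe.state_desc,
       CASE pe.class
            WHEN 1 THEN OBJECT_SCHEMA_NAME(pe.major_id) + '.' + OBJECT_NAME(pe.major_id)
            WHEN 3 THEN SCHEMA_NAME(pe.major_id)
            ELSE DB_NAME()   -- class 0: the database itself (e.g. CONNECT)
       END AS securable
FROM sys.database_permissions AS pe
JOIN sys.database_principals AS pr ON pr.principal_id = pe.grantee_principal_id
WHERE pr.name IN ('schema_reader', 'order_reader');
GO
-- Effective permissions as each user: schema_reader reads both tables,
-- order_reader reads Orders only (1 = permitted, 0 = denied).
EXECUTE AS USER = 'schema_reader';
SELECT HAS_PERMS_BY_NAME('Sales.Orders',  'OBJECT', 'SELECT') AS orders,
       HAS_PERMS_BY_NAME('Sales.Payroll', 'OBJECT', 'SELECT') AS payroll;
REVERT;
EXECUTE AS USER = 'order_reader';
SELECT HAS_PERMS_BY_NAME('Sales.Orders',  'OBJECT', 'SELECT') AS orders,
       HAS_PERMS_BY_NAME('Sales.Payroll', 'OBJECT', 'SELECT') AS payroll;
REVERT;
```

The schema-level grant is the convenient one, and also the one to audit, because any table added to Sales later is readable by schema_reader without a further grant; the object-level grant is the least-privilege choice when only one table is needed.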
Exam Warning
Make sure that you are familiar with the principals listed above regarding
their scope and how they fit into the SQL Server 2008 hierarchy.
Roles
Like Windows groups, SQL Server provides roles at two levels, server-level and
database-level, into which logins and users can be added. Server-level roles are fixed roles
that have a serverwide permission scope. Each built-in role serves a specific purpose