LESSON 7

Question 1

used to grant an entity (such as a user access) to an object (such as another user or a database).

Answer 1

permission

Question 1

In SQL Server, the security model is based on what is referred to as

Answer 1

Securables

Question 2

is the process by which an individual’s access to a computer system is controlled by identification of that user using credentials provided by that user

Answer 2

login or logon

Question 3

The most common login method is

Answer 3

username and password

Question 4

is a logical representation of a person within an electronic system.

Answer 4

user account

Question 4

A security system that requires two distinct forms of identification in order to access something

Answer 4

Two-Factor Authentication

Question 4

The three different methods for which a user can be initially identified include:

Answer 4

Windows user login
– Membership in a Windows user group
– SQL Server-specific login (if the server uses mixed-mode security)

Question 5

It is important to remember that at the SQL Server level, where the database resides, users are known by their login name. This can be a SQL Server login, Windows domain, or a username login choice.

Answer 5

Server-Level Security

Question 6

object Permissions
* Each object’s permission is assigned through either

Answer 6

granting, revoking, or denying user login permissions

Question 7

means the user can access the object.

Answer 7

Grant permission

Question 8

overrides a grant permission.

Answer 8

Deny permission

Question 9

removes the permission assigned, regardless of whether it’s deny or grant.

Answer 9

Revoke permission

Question 10

There are three different types of accounts which are available for the SQL Server service account:

Answer 10

• Local user account
  – Local system account
  – Domain user account

Question 11

is the act of establishing or confirming a user or system identity

Answer 11

Authentication

Question 11

is superior to mixed mode because users don’t need to learn yet another password and because it leverages the security design of the network.

Answer 11

Windows Authentication mode

Question 12

are the permissions that allow a user to act on the database objects (such as tables, stored procedures, and views):

Answer 12

Object Permissions

Question 13

In SQL Server databases, users often access data by going through one or several objects.
* Ownership chains apply to views, stored procedures, and user-defined functions.

Answer 13

Ownership Chains

Question 13

you have something to restore if data is lost during a business’s daily routine.

Answer 13

Backups

Question 14

contains all the data in a specific database or set of filegroups or files, and also enough log to allow for recovering that data

Answer 14

Full backup

Question 14

A differential backup contains only the data that has changed since the differential base.

Answer 14

Differential backup

Question 15

An incremental backup is based on the last backup of the data. An incremental backup contains only the data that has changed since the last full or incremental backup.

Answer 15

Incremental backup

Question 15

are designed to provide more flexibility for backing up databases that contain some read-only filegroups under the simple recovery model.

Answer 15

Partial and differential partial backups

Question 16

can increase the speed of recovery by letting you restore only damaged files without requiring you to restore the rest of the database.

Answer 16

File Backups

Question 16

he files in a database can be backed up and restored _____

Answer 16

individually

Question 17

You can append new backups to any existing backups on a device or overwrite any existing backups.

Answer 17

Backup Devices

Question 18

are created on backup devices, such as disk files or tape media.

Answer 18

SQL Server backups

Question 18

is used to grant an entity (such as a user) access to an object (such as another user or a database).

Answer 18

permission

Question 18

is the process by which individual access to a computer system is controlled by identification of the user using credentials provided by the user. The most common login method is using a username and password.

Answer 18

login or logon

Question 19

is a logical representation of a person within a electronic system.

Answer 19

user account

Question 19

is the act of establishing or confirming a user or system identity

Answer 19

Authentication

Question 20

is superior to mixed mode because users don’t need to learn yet another password and because it leverages the security design of the network.

Answer 20

Windows Authentication mode

Question 21

fixed, predefined server roles. Primarily, these roles grant permission to perform certain server-related administrative tasks.

Answer 21

SQL Server

Question 22

can perform any activity in the SQL Server installation, regardless of any other permission setting. The sysadmin role even overrides denied permissions on an object.

Answer 22

Sysadmin

Question 22

a fixed role, but it can have object permissions like a standard role. Every user is automatically a member of the public role and cannot be removed, so the public role serves as a baseline or minimum permission level.

Answer 22

public role

Question 22

must be explicitly granted access to any user database.

Answer 22

Users

Question 22

is a special role that has all permissions in the database.

Answer 22

db_owner

Question 23

a database-specific role intended to allow an application to gain access regardless of the user.

Answer 23

application role