Security

Question 1

What is Public Key Cryptography?

Answer 1

Form of Message Secrecy in which a user creates a public key and private key, the private key is kept secret and the public key is distributed. The public key can encrypt data and the private key decrypts.

Question 2

How do you set up SQL Server to use certificates?

Answer 2

Under SQL Server Configuration Manager
SQL Server Network Configuration
Protocols for MSSQLSERVER - Force Encryption - YES

Certificate tab:
Choose certificate

Question 3

What is a loginless user used for?

Answer 3

It allows for setting up security and using it through EXECUTE AS

Question 4

What is the syntax for creating a loginless user?

Answer 4

CREATE USER [USERNAME] WITHOUT LOGIN WITH DEFAULT_SCHEMA=[SCHEMA]

Question 5

What are contained users?

Answer 5

Users that can authenticate specifically to the database. They do not have logins.

Question 6

How do you set up a database to allow contained users?

Answer 6

sp_configure ‘contained database authentication’, 1
go
reconfigure
go

Then set the containment type to partial.

Question 7

What is the syntax to create a contained user?

Answer 7

CREATE USER [USERNAME] WITH PASSWORD=N’STRONG_PASSWORD’

Question 8

What is cross db ownership chaining?

Answer 8

When all object owners are mapped to the same login account then you can grant access to objects in multiple databases.

Question 9

How do you enable cross db ownership chaining?

Answer 9

ALTER DATABASE Database1 SET DB_CHAINING ON;

Question 10

Does cross db ownership chaining work with dynamic SQL?

Answer 10

Only if the user exists in both databases.

Question 11

What is Symmetric Encryption?

Answer 11

Where the sender and receiver have the same key to encrypt and decrypt

Question 12

What is the drawback to using Symmetric Encryption?

Answer 12

It’s very difficult to get the keys to both parties without losing integrity of the keys

Question 13

What is Asymmetric Encryption?

Answer 13

The sender uses a public key that is generated from a private key that they can encrypt the data with and then send to the receiver who unencrypts it with the private key.

Question 14

What is the downside to Asymmetric Encryption?

Answer 14

It’s more resource-intensive

Question 15

What is a Certificate?

Answer 15

• Asymmetric key pair
• Public key contains identity information
• Can be signed by certificate authority to prove authentication

Question 16

What is the first step needed before being able to use encryption?

Answer 16

You have to create a MASTER KEY in the database (actual database, not master)

CREATE MASTER KEY
ENCRYPTION BY PASSWORD = ‘@ v3ry str@ng p@ssw0rd!’

Question 17

What is transparent database encryption?

Answer 17

Full encryption of the database files and log

Question 18

How is Transparent Database Encryption set up?

Answer 18

• Create DMK in Master
• Create a certificate in Master
• Create a database encryption key in your database
• Set encryption on your database

Question 19

What is a DMK?

Answer 19

Database Master Key

Question 20

What is DEK?

Answer 20

Database Encryption Key