SQL Flashcards

1
Q

All Azure SQL Servers and Databases are encrypted using:

A

Transparent Data Encryption (TDE)
-SQL columns are encrypted using AlwaysEncrypted
-TDE allows for the configuration of BYOK scenarios through integration with Azure Key Vault. BYOK is enabled in the TDE configuration of Azure SQL Server

2
Q

AlwaysEncrypted

A

-designed to protect sensitive data stored in specific database columns from access.
-this includes database administrators or other privileged users who are authorized to access the database to perform management tasks, but have no business need to access the particular data in the encrypted columns
-To use AlwaysEncrypted you need to use either the Windows certificate store or an Azure Key Vault to store the Master key!

3
Q

Column Encryption Key

A

used to encrypt data in an encrypted column

4
Q

Column Master Key

A

a key-protecting key that encrypts one or more column encryption keys

5
Q

As part of an Azure SQL Database AlwaysEncrypted configuration where are the encryption keys stored?

A

Column Master Key: Azure Key Vault

Column Encryption Key: SQL

6
Q

Your company wants to use Azure AD identities and secure the connection between an Azure web app and an Azure SQL database. Steps include:

A
  1. In Azure SQL database, create contained users
  2. In Azure AD create a system assigned managed identity for Web app
  3. Connect to database using SQL Server Management Studio
7
Q

What are three advanced data security capabilities of Azure SQL Database?

A

-Vulnerability assessment
-Data Classification
-Advanced Threat Protection

8
Q

SQL Advanced Threat Protection will alert on the following:

A

-“password’ OR 1=1” entered into a password field is an attempted SQL Injection
-Login from an unusual location or Azure region
-Login by an unfamiliar principal
-Access from a potentially harmful application
-Brute force attempt on SQL Authentication

9
Q

If you wanted to secure a Web app against SQL injection you would deploy:

A

Azure Application Gateway with Application Firewall

10
Q

For every contained user relative to an Azure AD user, you can:

A

Log into the database using either Active Directory Universal with MFA or Active Directory password
