Securing SQL Server : DBAs Defending the Database. (2016)
- Record Type:
- Book
- Title:
- Securing SQL Server : DBAs Defending the Database. (2016)
- Main Title:
- Securing SQL Server : DBAs Defending the Database.
- Other Names:
- Peter A. Carter
- Contents:
- At a Glance; Contents; About the Author; About the Technical Reviewer; Acknowledgments; Introduction; Chapter 1: Threat Analysis; Understanding Threat Modelling; Identifying Assets; Creating an Architecture Overview; Creating the Infrastructure Components; Identifying the Technology Stack; Creating a Security Profile; Identifying Threats; Understanding STRIDE; Using STRIDE; Rating Threats; Understanding Threat Rating Methodologies; Understanding DREAD Methodology; Using DREAD Methodology; Creating Countermeasures; Summary; Chapter 2: SQL Server Security Model; Security Principal Hierarchy; Instance Level Security; Logins; Creating a Login; Migrating Logins Between Instances; Server Roles; Credentials; Database-Level Security; Users; Users with a Login; Users Without a Login; Database Roles; Summary; Chapter 3: SQL Server Audit; Understanding SQL Server Audit; SQL Server Audit Actions and Action Groups; Implementing SQL Server Audit; Creating a Server Audit; Create a Server Audit Specification; Create a Database Audit Specification; Creating Custom Audit Events; Creating the Server Audit and Database Audit Specification; Raising the Event; Summary;
Chapter 4: Data-Level Security; Schemas; Ownership Chaining; Impersonation; Row-Level Security; Security Predicates; Security Policies; Implementing RLS; Dynamic Data Masking; Summary; Chapter 5: Encryption in SQL Server; Generic Encryption Concepts; Defense-in-Depth; Symmetric Keys; Asymmetric Keys; Certificates; Self-Signed Certificates; Windows Data Protection API; SQL Server Encryption Concepts; Master Keys; EKM and Key Stores; SQL Server Encryption Hierarchy; Encrypting Data; Encrypting Data with a Password or a Passphrase; Encrypting Data with Keys and Certificates; Transparent Data Encryption; Considerations for TDE with Other Technologies; Implementing TDE; Administering TDE; Backing up the Certificate; Migrating an Encrypted Database; Always Encrypted; Implementing Always Encrypted; Always Encrypted Limitations; Summary; Chapter 6: Security Metadata; Security Principal Metadata; Finding a User's Effective Permissions; Securable Metadata; Code Signing; Permissions Against a Specific Table; Audit Metadata; Encryption Metadata; Always Encrypted Metadata; TDE Metadata; Securing Metadata; Risks of Metadata Visibility; Summary; Chapter 7: Implementing Service Accounts for Security; Service Account Types; Virtual Accounts; Managed Service Accounts; SQL Server Services; How Service Accounts Can Become Compromised; Designing a Pragmatic Service Account Strategy; Summary; Chapter 8: Protecting Credentials; Protecting the sa Account; DBA Steps to Mitigate the Risks; Disabling the sa Account; Renaming the sa Account; Ensuring Reputability; Enforcing Constant Password Changes; Protecting User Accounts; Auditing Passwords Susceptible to Word List Attacks; Summary; Chapter 9: Reducing the Attack Surface; Network Configuration. …
- Publisher Details:
- Place of publication not identified : Apress
- Publication Date:
- 2016
- Extent:
- 1 online resource (173)
- Subjects:
- 004
Computer science
Database security
Computers -- Security -- General
Computer security
Database management
Computers -- Database Management -- General
Databases
Electronic books
- Languages:
- English
- ISBNs:
- 1484222652
9781484222652
- Related ISBNs:
- 1484222644
9781484222645
- Notes:
- Note: Print version record.
- Access Rights:
- Legal Deposit; Only available on premises controlled by the deposit library and to one user at any one time; The Legal Deposit Libraries (Non-Print Works) Regulations (UK).
- Access Usage:
- Restricted: Printing from this resource is governed by The Legal Deposit Libraries (Non-Print Works) Regulations (UK) and UK copyright law currently in force.
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library HMNTS - ELD.DS.353553
- Ingest File:
- 01_312.xml