Securing SQL Server : DBAs Defending the Database. ([2018])
- Record Type:
- Book
- Title:
- Securing SQL Server : DBAs Defending the Database. ([2018])
- Main Title:
- Securing SQL Server : DBAs Defending the Database
- Further Information:
- Note: Peter A. Carter.
- Authors:
- Carter, Peter A
- Contents:
- Intro; Table of Contents; About the Author; About the Technical Reviewer; Acknowledgments; Introduction; Part I: Database Security; Chapter 1: Threat Analysis and Compliance; Threat Modeling; Understanding Threat Modeling; Identifying Assets; Creating an Architecture Overview; Creating the Infrastructure Components; Identifying the Technology Stack; Creating a Security Profile; Identifying Threats; Understanding STRIDE; Using STRIDE; Rating Threats; Understanding Threat Rating Methodologies; Understanding DREAD Methodology; Using DREAD Methodology; Creating Countermeasures; Compliance Considerations; Introducing SOX for SQL Server; Introducing GDPR For SQL Server; Summary; Chapter 2: SQL Server Security Model; Security Principal Hierarchy; Instance Level Security; Logins; Creating a Login; Migrating Logins Between Instances; Server Roles; Credentials; Database-Level Security; Users; Users With a Login; Users Without a Login; Database Roles; Summary; Chapter 3: SQL Server Audit; Understanding SQL Server Audit; SQL Server Audit Actions and Action Groups; Implementing SQL Server Audit; Creating a Server Audit; Create a Server Audit Specification; Create a Database Audit Specification; Creating Custom Audit Events; Creating the Server Audit and Database Audit Specification; Raising the Event; Summary; Chapter 4: Data-Level Security; Schemas; Ownership Chaining; Impersonation; Row-Level Security; Security Predicates; Security Policies; Implementing RLS; Dynamic Data Masking; Summary; Chapter 5: Encryption in SQL Server; Generic Encryption Concepts; Defense in Depth; Symmetric Keys; Asymmetric Keys; Certificates; Self-Signed Certificates; Windows Data Protection API; SQL Server Encryption Concepts; Master Keys; EKM and Key Stores; SQL Server Encryption Hierarchy; Encrypting Data; Encrypting Data With a Password or Passphrase; Encrypting Data with Keys and Certificates; Transparent Data Encryption; Considerations for TDE With Other Technologies; Implementing TDE; Administering TDE; Backing Up the Certificate; Migrating an Encrypted Database; Always Encrypted; Implementing Always Encrypted; Always Encrypted Limitations; Summary; Chapter 6: Security Metadata; Security Principal Metadata; Finding a User's Effective Permissions; Securable Metadata; Code Signing; Permissions Against a Specific Table; Audit Metadata; Encryption Metadata; Always Encrypted Metadata; TDE Metadata; Credentials Metadata; Securing Metadata; Risks of Metadata Visibility; Summary; Chapter 7: Implementing Service Accounts for Security; Service Account Types; Virtual Accounts; Managed Service Accounts; SQL Server Services; How Service Accounts Can Become Compromised; Designing a Pragmatic Service Account Strategy; Summary; Chapter 8: Protecting Credentials; Protecting the sa Account; DBA Steps to Mitigate the Risks; Disabling the sa Account; Renaming the sa Account; Ensuring Reputability; Enforcing Constant Password Changes. … (more)
- Edition:
- Second edition
- Publisher Details:
- Berkeley, CA : Apress L.P
- Publication Date:
- 2018
- Extent:
- 1 online resource (354 pages)
- Subjects:
- 005.8
Computer science
Database security
COMPUTERS -- Programming Languages -- SQL
Computers -- Programming -- Microsoft Programming
Computers -- Security -- General
Microsoft programming
Computer security
Database management
Microsoft software
Microsoft .NET Framework
Computer security
Computers -- Database Management -- General
Databases
Electronic books
- Languages:
- English
- ISBNs:
- 9781484241615
1484241614
- Related ISBNs:
- 9781484241608
1484241606
- Notes:
- Note: Description based on online resource; title from digital title page (viewed on December 13, 2018).
- Access Rights:
- Legal Deposit; Only available on premises controlled by the deposit library and to one user at any one time; The Legal Deposit Libraries (Non-Print Works) Regulations (UK).
- Access Usage:
- Restricted: Printing from this resource is governed by The Legal Deposit Libraries (Non-Print Works) Regulations (UK) and UK copyright law currently in force.
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library HMNTS - ELD.DS.374834
- Ingest File:
- 02_355.xml