  • 1
    Online Resource
    Amsterdam, Netherlands : Syngress
    UID: edocfu_9960074152502883
    Format: 1 online resource (xxii, 440 pages) : illustrations
    Edition: Third edition.
    ISBN: 0-12-801375-3
    Content: SQL Server is the most widely-used database platform in the world, and a large percentage of these databases are not properly secured, exposing sensitive customer and business data to attack. In Securing SQL Server, Third Edition, you will learn about the potential attack vectors that can be used to break into SQL Server databases as well as how to protect databases from these attacks. In this book, Denny Cherry - a Microsoft SQL MVP and one of the biggest names in SQL Server - will teach you how to properly secure an SQL Server database from internal and external threats using best practices as well as specific tricks that the author employs in his role as a consultant for some of the largest SQL Server deployments in the world. Fully updated to cover the latest technology in SQL Server 2014, this new edition walks you through how to secure new features of the 2014 release. New topics in the book include vLANs, setting up RRAS, anti-virus installs, key management, moving from plaintext to encrypted values in an existing application, securing Analysis Services Objects, Managed Service Accounts, OS rights needed by the DBA, SQL Agent Security, Table Permissions, Views, Stored Procedures, Functions, Service Broker Objects, and much more. Presents hands-on techniques for protecting your SQL Server database from intrusion and attack. Provides the most in-depth coverage of all aspects of SQL Server database security, including a wealth of new material on Microsoft SQL Server 2014. Explains how to set up your database securely, how to determine when someone tries to break in, what the intruder has accessed or damaged, and how to respond and mitigate damage if an intrusion occurs.
    Note: Cover -- Title Page -- Copyright Page -- Dedication -- Contents -- Author Biography -- Technical Editor Biography -- Acknowledgments -- Introduction
      Chapter 1 - Identifying Security Requirements -- Information in this chapter: -- What are security objectives? -- Personally Identifiable Information -- When should security objectives been identified? -- How to identify security objectives?
      Chapter 2 - Securing the Network -- Information in this chapter -- Securing the network -- Network Firewalls -- Web Server on the Public Internet Network -- Web Server on the Internal Side of the Network -- Web Server in the Demilitarized Zone -- Server Firewalls -- Windows Firewall Inbound Rules -- Windows Firewall Outbound Rules -- Special Requirements for Clustering -- Direct Internet Access -- Public IP addresses versus private IP addresses -- vLANs -- Accessing SQL server from home -- Setting up Routing and Remote Access -- Allowing Users to VPN in to the Network -- Setting up Client VPN Connection -- Physical security -- Keep Your Hands Off My Box -- Open Network Ports -- Unlocked Workstations -- Automatically Locking Computers -- Social engineering -- Finding the instances -- Testing the network security -- Antivirus installation on SQL servers -- Summary -- References
      Chapter 3 - Key Management -- Information in this chapter -- Service master key -- Database master key -- Encryption password management -- Enterprise key management -- High availability and disaster recovery for key management -- Conclusions
      Chapter 4 - Database Encryption -- Information in this chapter: -- Database encryption -- Hashing versus Encryption -- Triple DES -- RC Algorithms -- Advanced Encryption Standard -- Hashing -- SHA2 and SQL Server -- Encrypting Objects -- Encrypting data within tables -- Encrypting within Microsoft SQL Server -- Encrypting Within the Application Tier -- Moving From Plain Text to Encrypted Values in an Existing Application -- Encrypting data at rest -- TDE and Filestream -- Log Shipping, Database Mirroring and AlwaysOn Availability Groups -- Key Protection -- Encrypting data on the wire -- SQL Server Over SSL -- SQL Server 7 and 2000 -- SQL Server 2005 and Up -- Certificate Strength Differences -- Managing SSL Certificates -- Hiding the Instance -- IP Sec -- Encrypting data with MPIO drivers -- PowerPath Encryption with RSA Requirements and Setup -- Encrypting data via HBAs -- Summary -- References
      Chapter 5 - SQL Password Security -- Information in this chapter: -- Login types -- SQL Authentication Login -- Windows Authentication Login -- Domain Accounts -- Local Accounts -- Certificate Authentication -- Asymmetric Key Login -- Credentials -- SQL server password security -- Extended Protection -- Service Principal Names -- Strong passwords -- Password change policies -- Renaming the SA account -- Disabling the SA account -- Users versus logins -- Contained database users in SQL server 2012 and beyond -- Schemas -- SQL Server 2000 and Below -- SQL Server 2005 and Above -- Domain Groups and Default Schemas -- Setting the Default Schema -- Encrypting client connection strings -- SQL Reporting Services -- Application roles -- Using windows domain policies to enforce password length -- Windows Authentication Group Policies -- Windows Domain Requirements to Use Domain Policies to Manage SQL Authentication Logins -- Contained users -- Contained Databases and Auto-close -- db_owners Can Now Add New Users to the Instance -- Password Policies and Contained Users -- Summary -- References
      Chapter 6 - Securing the Instance -- Information in this chapter -- What to install, and when? -- SQL authentication and windows authentication -- Editing the Master.mdf File -- Using a Debugger to Intercept Passwords -- Purchased Products -- Password change policies -- Auditing failed logins -- Renaming the SA account -- Disabling the SA account -- Securing endpoints -- Certificate Endpoint Authentication -- Stored procedures as a security measure -- Access to Base Tables Is Not Required -- Enabling Cross Database Chaining -- Minimum permissions possible -- Instant file initialization -- Linked servers -- Securing Linked Servers -- Using SQL Server Management Studio for Linked Server Security Configuration -- Using T-SQL for Linked Server Security Configuration -- Only Allowing Some Groups to Use a Linked Server -- Using policies to secure your instance -- SQL azure specific settings -- Instances that leave the office -- Securing AlwaysOn availability groups -- Securing contained databases -- Contained Databases and AlwaysOn -- SQL CLR -- Extended stored procedures -- Protecting your connection strings -- Database firewalls -- Clear virtual memory pagefile -- User access control (UAC) -- Other domain policies to adjust -- Summary
      Chapter 7 - Analysis Services -- Information in this chapter: -- Logging into analysis services -- Granting Administrative Rights -- Granting Rights to an Analysis Services Database -- Securing analysis services objects -- Data Sources -- Cubes -- Cell Data -- Dimensions -- Dimension Data -- Mining Structures -- Summary
      Chapter 8 - Reporting Services -- Information in this chapter -- Setting up SSRS -- Service Account -- Web Service URL -- Database -- Report Manager URL -- Email Settings -- Execution Account -- Encryption Keys -- Scale-out Deployment -- Logging onto SQL Server Reporting Services for the first time -- Security within reporting services -- Item Roles -- System Roles -- Adding System Roles -- Adding Folder Roles -- Reporting services authentication options -- Anonymous Authentication -- Working Around Anonymous Authentication Requirements -- Forms Authentication -- Security Within Reporting Services -- Report server object rights -- Changing Permissions on an Object -- Hiding Objects -- Summary
      Chapter 9 - SQL Injection Attacks -- Information in this chapter -- What is an SQL injection attack? -- Why are SQL injection attacks so successful? -- How to figure out you have been attacked -- How to protect yourself from an SQL injection attack -- NET Protection Against SQL Injection -- Protecting Dynamic SQL within Stored Procedures from SQL Injection Attack -- Using "Execute as" to Protect Dynamic SQL -- Impersonating a Login -- Impersonating a User -- Removing Extended Stored Procedures -- Not Using Best Practice Code Logic Can Hurt You -- What to Return to the End User -- Database Firewalls -- Test, Test, Test -- Cleaning up the database after a SQL injection attack -- Other front end security issues -- The Web Browser URL is not the Place for Sensitive Data -- Using xEvents to monitor for SQL injection -- Summary -- Reference
      Chapter 10 - Database Backup Security -- Information in this chapter: -- Overwriting backups -- Deleting Old Backups -- Media set and backup set passwords -- Backup encryption -- Native Encryption in SQL Server 2014 -- LiteSpeed for SQL Server -- Red Gate SQL Backup -- Third-Party Tape Backup Solutions -- Transparent data encryption -- Securing the Certificates -- Compression and encryption -- Encryption and Data Deduplication -- Offsite backups -- Summary -- References
      Chapter 11 - Storage Area Network Security -- Information in this chapter: -- Securing the array -- Locking Down the Management Ports -- Authentication -- User Access to the Storage Array -- Locking Down the iSCSI Ports -- LUN Security -- Moving LUNs -- Deleting LUNs -- Snapshots and Clones -- Securing the storage switches -- Fiber Channel -- iSCSI -- Fiber Channel Over Ethernet -- Management Ports -- Authentication -- Zone Mapping -- Summary
      Chapter 12 - Auditing for Security -- Information in this chapter -- Login auditing -- SQL Server 2005 and Older -- SQL Server 2008 and Newer -- Using xEvents for Auditing Logins -- Capturing Login Information -- Event Loss Settings -- Viewing Login Audits -- Auditing sysadmin Domain Group Membership -- Data modification auditing -- Change Data Capture Configuration -- Querying Changed Data -- Using XEvents For Data Modification Auditing -- Using SQL Server Audit for Data Modification -- Data querying auditing -- Schema change auditing -- Using Extended Events For Schema Change Auditing -- Using policy-based management to ensure policy compliance -- C2 auditing -- Common criteria compliance -- Summary -- References
      Chapter 13 - Server Rights -- Information in this chapter -- SQL server service account configuration -- One Account for All Services -- SQL Server's AlwaysOn Availability Groups -- One Account Per Sever -- One Account for Each Service -- Using Local Service Accounts for Running SQL Server Services -- Changing the Service Account -- Credentials -- SQL Server Agent Proxy Accounts -- OS rights needed by the SQL server service -- Windows System Rights -- SQL Server's NTFS Permissions -- Managed Service Accounts -- OS rights needed by the DBA -- User Access Controls -- Dual Accounts -- OS rights needed to install service packs -- OS rights needed to access SSIS remotely -- Console apps must die -- Fixed server roles -- User defined server roles -- AlwaysOn Availability Groups -- Instance Wide Permissions -- Select All Database Level User Securables -- Impersonate Any Login -- Connect Any Database -- Fixed database roles -- Fixed Database Roles in the MSDB database -- User-defined database roles.
    Additional Edition: ISBN 0-12-801275-7
    Language: English