You are employed as a database administrator at Domain.com. Your duties at Domain.com are the administrating of the SQL Server 2005 database computer named Certkiller -DB07.
The application developers in the Research and Development department have created an assembly that contains a CLR function. The purpose of the CLR function is to read data from a spreadsheet, perform several calculations and returning the information to Certkiller -DB07. You need to register the assembly with Certkiller -DB07 by using the CREATE ASSEMBLY statement and the least privileged security permission set.
What permission set should you use?
A.
You can only accomplish this by using the UNSAFE permission set.
B.
You can only accomplish this by using the Default permission set.
C.
You can only accomplish this by using the SAFE permission set.
D.
You can only accomplish this by using the EXTERNAL_ACCESS permission set.
Explanation:
To keep CLR code from running amok, Microsoft created a three-tier security model for how CLR code can be invoked: SAFE, EXTERNAL_ACCESS and UNSAFE. The SAFE permissions set is essentially the same as what a conventional stored procedure would be able to do. It can’t modify anything outside of SQL Server itself. EXTERNAL_ACCESS allows access through .NET to the Registry and the file system. UNSAFE is aptly named. Code marked as UNSAFE can’t do anything, and it should really not be used outside of a debugging or experimental context. Most programmers should never need to use anything higher than EXTERNAL_ACCESS.