What should you do to all SQL servers to provide maximumsecurity for login accounts?

You are the SQL administrator for your company. A SQL Server 2008 computer named VMSQL01 is configuredwith the following settings on the Security page of the
Server Properties dialog box:

A new security policy has been adopted by your company that requires all SQL servers to provide maximumsecurity for login accounts. Backward compatibility should not be a consideration. exhibit What should you do?

You are the SQL administrator for your company. A SQL Server 2008 computer named VMSQL01 is configuredwith the following settings on the Security page of the
Server Properties dialog box:

A new security policy has been adopted by your company that requires all SQL servers to provide maximumsecurity for login accounts. Backward compatibility should not be a consideration.

What should you do?

A.
Select the Enable server proxy account check box, and enter the appropriate credentials.

B.
Select the Windows Authentication mode option, and restart the service.

C.
Select the Enable C2 audit tracing check box.

D.
Select the Successful logins only option, and restart the service.

Explanation:

You should select the Windows Authentication mode option and restart the service. Any time you change theauthentication mode, a service restart is required. WindowsAuthentication provides better security than mixedmode authentication. In this scenario, the Server Properties dialog box displayed for VMSQL01 shows it isconfigured to use mixed mode authentication because the SQL Server and Windows Authentication mode option is selected. Windows Authentication is more secure because it integrates all the operating system securitymechanisms into the security. If SQL Server authentication is allowed, accounts can be created within SQLServer 2008. In addition, SQL Server authentication is provided only for backward compatibility. To identify theauthentication method used by a SQL Server 2008 computer, you can open SQL Server Management Studio,right-click the instance name, and select Properties . Then, from the Server Properties dialog box, select the Security page. You should not select the Enable server proxy account check box and enter the appropriate credentials. Aserver proxy account is used by the xp_cmdshell extended stored procedure for impersonation. The xp_cmdshell
extended stored procedure executes operating system commands. This setting will not improve theserver’s security. You should not select the Enable C2 audit tracing
check box. When this option is enabled, audit trails aremaintained for any attempts to access statements and objects. Although this will provide you with an audit trail ofevents that happened, it does not ensure maximum security for login accounts. You should not select the Successful logins only option and restart the service. When this option is enabled,audit trails are maintained for all successful logins. Although this will provide you with an audit trail for allsuccessful logins, it does not ensure maximum security for login accounts.

Objective:
Installing and Configuring SQL Server 2008

Sub-Objective:
Configure SQL Server instances.

References:
TechNet > TechNet Library > Server Products and Technologies > SQL Server > SQL Server 2008 > ProductDocumentation > SQL Server 2008 Books Online > Database Engine > Technical Reference > FeatureReference > SQL Server Management Studio F1 Help > Object Explorer F1 Help > Server Properties F1 Help >Server Properties (Security Page)



Leave a Reply 0

Your email address will not be published. Required fields are marked *