You are the administrator of a SQL Server 2005 computer named SQL1. SQL1 stores confidential customer information in a database named Customers. The company’s written security policy states that transmission of customer data between client computers and servers must always take place in a manner that supports authentication, non-repudiation, and encryption. Client computers that do not support the company’s written security policy are denied data access. You need to ensure that the Customers database is in compliance with the company’s security policy. What should you do?
A. Install a certificate on SQL1 from a Trusted Root Certification Authority.
B. Configure SQL1 to use a self-signed certificate.
C. Configure the local security policy of SQL1 to use the IPSec Server policy.
D. Encrypt all tables in the Customers database.
E. Enable C2 auditing on SQL1.
Explanation:
Microsoft SQL Server 2005 can use Secure Sockets Layer (SSL) to encrypt data transmitted across a network between an instance of SQL Server and a client application. The SSL encryption is performed within the SQL Native Client Net-Library and applies to all inter-computer protocols supported by SQL Server 2005. SSL encryption works with instances of SQL Server running on a computer that has been assigned a certificate from a public certification authority. The computer on which the application is running must be configured to trust the certificate’s root authority. (Encryption with a self-signed certificate is possible and described in the next section, but a self-signed certificate offers only limited protection.)