You need to recommend a solution for Application1 that meets the security requirements. What should you
include in the recommendation?
Case Study:
Litware, Inc Case A
Overview:You are a database administrator for a company named Litware, Inc. Litware is a book publishing house.
Litware has a main office and a branch office.
You are designing the database infrastructure to support a new web-based application that is being developed.
The web application will be accessed at www.litwareinc.com. Both internal employees and external partners will
use the application.
You have an existing desktop application that uses a SQL Server 2005 database named App1_DB. App1_DB
will remain in production.
Requirements:
Planned Changes
You plan to deploy a SQL Server 2012 instance that will contain two databases named Database1 and
Database2. All database files will be stored in a highly available SAN.
Database1 will contain two tables named Orders and OrderDetails. Database1 will also contain a stored
procedure named usp_UpdateOrderDetails. The stored procedure is used to update order information. The
stored procedure queries the Orders table twice each time the procedure executes. The rows returned from the
first query must be returned on the second query unchanged along with any rows added to the table between
the two read operations.
Database1 will contain several queries that access data in the Database2 tables. Database2 will contain a table
named Inventory. Inventory will contain over 100 GB of data. The Inventory table will have two indexes: a
clustered index on the primary key and a nonclustered index. The column that is used as the primary key will
use the identity property.
Database2 wilt contains a stored procedure named usp_UpdateInventory. usp_UpdateInventory will manipulate
a table that contains a self-join that has an unlimited number of hierarchies.
All data in Database2 is recreated each day ad does not change until the next data creation process.
Data from Database2 will be accessed periodically by an external application named Application1. The data
from Database2 will be sent to a database named Appl_Dbl as soon as changes occur to the data in
Database2.
Litware plans to use offsite storage for all SQL Server 2012 backups.
Business Requirements:
You have the following requirements:
Costs for new licenses must be minimized.
Private information that is accessed by Application must be stored in a secure format.
Development effort must be minimized whenever possible.
The storage requirements for databases must be minimized.
System administrators must be able to run real-time reports on disk usage.
The databases must be available if the SQL Server service fails.
Database administrators must receive a detailed report that contains allocation errors and data corruption.
Application developers must be denied direct access to the database tables. Applications must be denied
direct access to the tables.
You must encrypt the backup files to meet regulatory compliance requirements. The encryption strategy
must minimize changes to the databases and to the applications.
A.
Encrypted columns
B.
Certificate Authentication
C.
Secure Socket Layer (SSL)
D.
Signed stored procedures
Explanation:
http://technet.microsoft.com/en-us/library/ms179331.aspx