You administer a Microsoft SQL Server 2012 database.
You configure Transparent Data Encryption (TDE) on the Orders database by using the following
statements:
CREATE MASTER KEY ENCRYPTION BY PASSWORD = ‘MyPassword1!’
CREATE CERTIFICATE TDE_Certificate WITH SUBJECT = ‘TDE Certificate’;
BACKUP CERTIFICATE TDE_Certificate TO FILE = ”d:\TDE_Certificate.cer’
WITH PRIVATE KEY (FILE = ‘D:\TDE_Certificate.key’, ENCRYPTION BY PASSWORD =
‘MyPassword1!’);
CREATE DATABASE ENCRYPTION KEY
WITH ALGORITHM = AES_256
ENCRYPTION BY SERVER CERTIFICATE TDE_Certificate;
ALTER DATABASE Orders SET ENCRYPTION ON;
You attempt to restore the Orders database and the restore fails. You copy the encryption file to the
original location.
A hardware failure occurs and so a new server must be installed and configured.
After installing SQL Server to the new server, you restore the Orders database and copy the
encryption files to their original location. However, you are unable to access the database.
You need to be able to restore the database.
Which Transact-SQL statement should you use before attempting the restore?
A.
ALTER DATABASE Master SET ENCRYPTION OFF;
B.
CREATE CERTIFICATE TDE_Certificate FROM FILE = ‘d:\TDE_Certificate.cer’
WITH PRIVATE KEY (FILE = ‘D:\TDE_Certificate.key’, DECRYPTION BY PASSWORD =
‘MyPassword1!’);
C.
CREATE CERTIFICATE TDE_Certificate WITH SUBJECT = ‘TDE Certificate’;
USE Orders;
CREATE DATABASE ENCRYPTION KEY
WITH ALGORITHM = AES_256
ENCRYPTION BY SERVER CERTIFICATE TDE_Certificate;
D.
CREATE CERTIFICATE TDE_Certificate FROM FILE = ‘d:\TDE_Certificate.cer’;
B is Correct