Microsoft Certified IT Professional/Exam 70-444/Designing a Strategy to Manage and Maintain Database Security

Designing a Strategy to Manage and Maintain Database Security

  • Perform a security audit of the existing security infrastructure based on the security plan.
    • Analyze the physical server security.
    • Compare the existing security infrastructure to business and regulatory requirements.
    • Identify variations from the security design.
  • Maintain a server-level security strategy.
    • Design a strategy to audit Windows account permissions.
    • Design a strategy to audit SQL Server service access.
    • Maintain a strategy to assign the appropriate minimum level of privileges.
    • Maintain an encryption strategy that meets business requirements.
    • Design a strategy to apply service packs and security updates.
    • Configure the surface area.
  • Maintain a user-level security strategy.
    • Verify the existence and enforcement of account policies.
    • Verify SQL Server login authentication.
    • Verify permissions on SQL Server roles and accounts.
  • Prepare for respond to threats and attacks.
    • Prepare for and respond to SQL Server injection attacks.
    • Prepare for and respond to denial-of-service attacks that are specific to SQL Server.
    • Prepare for and respond to virus and worm attacks that are specific to SQL Server.
    • Prepare for and respond to internal attacks that are specific to SQL Server.