55096: Securing Data on Microsoft SQL Server 2012

Chat

The goal of this two-day instructor-led course is to provide students with the database and SQL server security knowledge and skills necessary to secure database servers.

After completing this course, students will be able to:

  • Understand concepts of security and privacy
  • Recognize the difference between security and privacy
  • Make security steps during installation
  • Take necessary steps after installation
  • Get full understanding of authentication and authorization
  • Implement sever and database side security
  • Understand how SQL Server can protect data
  • Understand basic cryptography
  • Understand SQL Server encryption model
  • Implement symmetric encryption
  • Improve your auditing skills
  • Use SQL Server Auditing feature
  • Collect digital evidence in your environment
  • Go beyond SQL Server to protect your data assets

Destinatários

This course is intended for Database Developers, Security Professionals, Database Administrators and other people that need to secure database servers.

Programa

  • Module 1: SQL Server Security Threats and Countermeasures
  • Module 2: Security and Privacy Concepts in SQL Server
  • Module 3: Security During and After Installation
  • Module 4: Authentication and Authorization
  • Module 5: Protecting Data
  • Module 6: Auditing on SQL Server

Module 1: SQL Server Security Threats and Countermeasures

This module describes the security threats and the countermeasures used to protect your data and database server. Lessons presented in this module will detail the weak points inside and outside of SQL Server 2012. You will also learn how to identify specific threats, such as data transfer sniffing and SQL code injection and how to prevent them with the appropriate countermeasures.

Lessons

  • Threats from Authorized Users
  •    User’s Role in Date Security and Privacy
  •    Examples of Threats
  •    Countermeasures
  • Physically Stealing Data
  •    Weak Points Inside SQL Server
  •    Weak Points Outside of SQL Server
  •    Countermeasures
  • Data Transfer Sniffing
  •    Client/Server Communications
  •    Why is a Firewall not Enough?
  •    Countermeasures
  • SQL Injection
  •    What is SQL Injections?
  •    Demonstration of SQL Injection
  •    Countermeasures

Lab : Limiting Threats from an Authorized User

  • Implementing Explicit DENY
  • Implementing Transparent Data Encryption
  • How to Protect SQL Injection on a User Table

Lab : Protecting Database Back-Up

  • Implementing Explicit DENY
  • Implementing Transparent Data Encryption
  • How to Protect SQL Injection on a User Table

Lab : Protecting SQL Injection

  • Implementing Explicit DENY
  • Implementing Transparent Data Encryption
  • How to Protect SQL Injection on a User Table
After completing this module, students will be able to:
  • Identify threats from authorized users.
  • Understand the risk from physically stealing data.
  • Prevent data transfer sniffing.
  • Avoid SQL injection.

Module 2: Security and Privacy Concepts in SQL Server

This module provides the background knowledge of security and privacy concepts in SQL server. Lessons presented in this module will provide an overview of SQL Server 2012 security and privacy. You will also learn the basics of auditing/monitoring users and how to use the built-in SQL Server tools.

Lessons

  • Overview of Security
  •    What is Security?
  •    Threat Modeling
  •    SQL Server Security Mode.
  •    Levels of Security in SQL Server
  • Overview of Privacy
  •    What is Privacy?
  •    Balance between Privacy and Security
  •    SQL Server and Data Privacy
  • Monitoring User Activity
  •    Auditing Basics
  •    Access Controls
  •    CSI SQL Server
  • Using SQL Server Tools
  •    Overview of SQL Tools
  •    SQL Server Configuration Manager (SSCM)
  •    SQL Server Management Studio (SSMS)
After completing this module, students will be able to:
  • Understand the basic concepts of security and privacy on SQL Server.
  • Know the difference between security and privacy.
  • Understand the need for data auditing.
  • Recognize the correct tools for achieving all security tasks.

Module 3: Security During and After Installation

This module describes the security steps during and after installing SQL Server 2012. Lessons presented in this module will detail the security and service accounts during the installation. You will learn about the SQL Server Configuration Manager and working with Windows Firewall. You will also understand the password issues and policies for consumers of SQL resources.

Lessons

  • Security Steps during Installation
  •    Service Accounts
  •    Types of Authentication
  •    Administrator Account
  • Security Steps after Installation
  •    Managing Services Using SSCM
  •    Managing Server Network Protocols using SSCM
  •    Managing Client Network Protocols using SSCM
  •    Working with Windows Firewall
  •    Connecting to a SQL Server Instance
  • SQL Server Resources Consumers
  •    Types of SQL Server Consumers
  •    Password Issues
  •    Password Policy

Lab : Configuring Access to SQL Server

  • Configuring TCP Port
  • Opening TCP port 1433 on Windows Firewall
  • Configuring Password Policy through SSMS
  • Configuring Password Policy through T-SQL Code
  • Testing the Password Policy

Lab : Configuring Password Policy

  • Configuring TCP Port
  • Opening TCP port 1433 on Windows Firewall
  • Configuring Password Policy through SSMS
  • Configuring Password Policy through T-SQL Code
  • Testing the Password Policy
After completing this module, students will be able to:
  • Understand what are the service accounts.
  • Determine types of authentication.
  • Understand the risk of administrator accounts.

Module 4: Authentication and Authorization

This module describes how to the authentication and authorization process in SQL Server works. Lessons presented in this module will detail how to authenticate and authorize users to access and use SQL data. You will also learn about server-side and database security.

Lessons

  • Authentication
  •    Process of Authentication
  •    Windows Authentication
  •    SQL Server Authentication
  •    Database Authentication
  • Authorization
  •    Process of Authorization
  •    Mapping Login to User
  •    Default Database Users
  • Accessing SQL Server Resources
  •    Server-Side Security
  •    Database Security
  •    Schema Separation

Lab : Authenticating Users

  • Creating a New Windows Login
  • Creating a New Contained Database
  • Creating New Database Users
  • Applying Server-Side Policy
  • Applying Database Access Policy

Lab : Authorizing Users

  • Creating a New Windows Login
  • Creating a New Contained Database
  • Creating New Database Users
  • Applying Server-Side Policy
  • Applying Database Access Policy

Lab : Applying Security Policy

  • Creating a New Windows Login
  • Creating a New Contained Database
  • Creating New Database Users
  • Applying Server-Side Policy
  • Applying Database Access Policy
After completing this module, students will be able to:
  • Understand how to use the authentication process.
  • Understand and use the authorization process.
  • Access SQL Server resources.

Module 5: Protecting Data

This module describes how to protect your data in SQL Server 2012. Lessons presented in this module will detail how cryptography works and the crypto features in SQL Server 2012. You will learn about security keys and how they various methods of data encryption used, such as TDE, Symmetric and Asymmetric encryption. You will also learn the difference between hashing and encryption.

Lessons

  • Understanding Cryptography
  • What is Cryptography?
  • Types of Cryptography
  • SQL Server Cryptographic Features
  • Keys
  •    What is a Key?
  •    Service Master Key
  •    Database Master Key
  •    Database Encryption Keys
  • Transparent Data Encryption (TDE)
  •    What is Transparent Data Encryption?
  •    Transparent Data Encryption Architecture
  •    Implementing Transparent Data Encryption
  • Symmetric Encryption
  •    Symmetric Encryption Model
  •    Creating Symmetric Keys
  •    Implementing Symmetric Encryption
  • Asymmetric Encryption
  •    Asymmetric Encryption Model
  •    Creating Asymmetric Keys
  •    Implementing Asymmetric Encryption
  • Hashing
  •    What is Hashing?
  •    Hashing vs. Encryption
  •    Implementing SQL Server Hash Functions

Lab : Creating a Database Master Key

  • Creating a New Database Master Key
  • Implementing Transparent Data Encryption
  • Implementing Symmetric Encryption
  • Implementing Asymmetric Encryption
  • Implementing Hash Functions

Lab : Implementing Transparent Data Encryption

  • Creating a New Database Master Key
  • Implementing Transparent Data Encryption
  • Implementing Symmetric Encryption
  • Implementing Asymmetric Encryption
  • Implementing Hash Functions

Lab : Implementing Symmetric Encryption

  • Creating a New Database Master Key
  • Implementing Transparent Data Encryption
  • Implementing Symmetric Encryption
  • Implementing Asymmetric Encryption
  • Implementing Hash Functions

Lab : Implementing Asymmetric Encryption

  • Creating a New Database Master Key
  • Implementing Transparent Data Encryption
  • Implementing Symmetric Encryption
  • Implementing Asymmetric Encryption
  • Implementing Hash Functions

Lab : Implementing SQL Server Hash Functions

  • Creating a New Database Master Key
  • Implementing Transparent Data Encryption
  • Implementing Symmetric Encryption
  • Implementing Asymmetric Encryption
  • Implementing Hash Functions
After completing this module, students will be able to:
  • Understand what is cryptography.
  • Know what cryptographic elements are.
  • Defining cryptography in SQL Server.
  • Recognize and use correct cryptographic SQL Server mechanisms.

Module 6: Auditing on SQL Server

This module describes the auditing process and how to use the various methods. Lessons presented in this module will detail the classic auditing methods, such as using triggers. You will learn how to configure SQL Server auditing and how to access the audit logs. You will also learn about database forensics and collecting digital evidence.

Lessons

  • Classic Audit Methods
  •    DDL Triggers
  •    DML Triggers
  •    SQL Server Profiler
  • SQL Server Auditing
  •    SQL Server Audit Components
  •    Configuring SQL Server Audit
  •    Accessing SQL Server Audit Logs
  • Database Forensics
  •    Digital Evidence
  •    Methods for Collecting Data
  •    Securing Digital Evidence

Lab : Audit User Activity

  • Implementing DML Trigger
  • Implementing Server-Side Auditing
  • Configuring Server-Side Auditing
  • Implementing Server-Side Auditing
  • Tampering Evidence

Lab : Auditing Server and Database Activity

  • Implementing DML Trigger
  • Implementing Server-Side Auditing
  • Configuring Server-Side Auditing
  • Implementing Server-Side Auditing
  • Tampering Evidence

Lab : Securing Digital Evidence

  • Implementing DML Trigger
  • Implementing Server-Side Auditing
  • Configuring Server-Side Auditing
  • Implementing Server-Side Auditing
  • Tampering Evidence
After completing this module, students will be able to:
  • Implement classic auditing on SQL Server.
  • Implement a new Audit feature in SQL Server 2012.
  • Understand the basics about database forensics.

 

 

Chat

Quero saber mais informações sobre este curso

55096: Securing Data on Microsoft SQL Server 2012

Microsoft | 12h


Notas

Pretende mais informação sobre este curso?

Preencha o formulário com os seus dados e as suas questões e entraremos em contacto consigo para lhe darmos todas as informações pretendidas.

Obrigado!