SQL Server Optimization - August 29, 2008 at 18:00 PM by Amit Satpute
What are the steps you will take, if you are tasked with securing
an SQL Server?
Perform the following SQL checks after installing the server:
- Check if Administrators group belongs to sysadmin role
- Check if CmdExec role is restricted to sysadmin only
- Check if SQL Server is running on a Domain Controller
- Check if sa account password is exposed
- Check SQL installation folders access permissions
- Check if Guest account has database access
- Check if the Everyone group has access to SQL registry keys
- Check if SQL service accounts are members of the local Administrators group
- Check if SQL accounts have blank or simple passwords
- Check for missing SQL hotfixes
- Check the SQL Server authentication mode type
- Check the number of sysadmin role members
Then, you should require Windows Authentication Mode for connections to SQL Server whenever possible.
You should isolate your server and back it up regularly.
You should assign a strong sa password.
You should limit the privilege level of SQL Server services.
Configure your firewall to filter out packets addressed to TCP port 1433 and UDP port 1434. Ports associated with named instances should also be blocked at the firewall.
You should use a secure file system.
Old setup files should be deleted or secured.
You should log failed connection attempts to SQL Server and review the log regularly. Enable auditing of failed connections with Enterprise Manager in SQL Server.
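Several of the checks listed above can be run as read-only T-SQL queries. The script below is an added example, not part of the original answer. It assumes SQL Server 2005 or later (catalog views such as sys.server_principals and sys.sql_logins) and a login permitted to read them. The file, registry and service-account checks are made at the operating-system level and are not covered here.

```sql
-- Added audit sketch (assumption: SQL Server 2005+ catalog views are available).
-- Every statement is a SELECT; nothing here changes server configuration.

-- 1. Does the local Administrators group belong to sysadmin? (1 = yes, 0 = no, NULL = no such login)
SELECT IS_SRVROLEMEMBER('sysadmin', N'BUILTIN\Administrators') AS builtin_admins_is_sysadmin;

-- 2. Who is in sysadmin, and how many members are there to review?
SELECT m.name AS member_name, m.type_desc, m.is_disabled
FROM sys.server_role_members AS rm
JOIN sys.server_principals AS r ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals AS m ON m.principal_id = rm.member_principal_id
WHERE r.name = N'sysadmin'
ORDER BY m.name;

-- 3. Authentication mode: Windows only, or mixed?
SELECT CASE SERVERPROPERTY('IsIntegratedSecurityOnly')
         WHEN 1 THEN 'Windows Authentication only'
         ELSE 'Mixed mode (SQL logins allowed)' END AS auth_mode;

-- 4. SQL logins (sa included) with a blank password, a password equal to the
--    login name, or with Windows password policy enforcement switched off.
SELECT name,
       CASE WHEN PWDCOMPARE(N'', password_hash) = 1 THEN 1 ELSE 0 END AS blank_password,
       CASE WHEN PWDCOMPARE(name, password_hash) = 1 THEN 1 ELSE 0 END AS password_equals_name,
       is_policy_checked, is_disabled
FROM sys.sql_logins
WHERE PWDCOMPARE(N'', password_hash) = 1
   OR PWDCOMPARE(name, password_hash) = 1
   OR is_policy_checked = 0;

-- 5. Does guest have access to the current database? Run once in each user database.
SELECT DB_NAME() AS database_name, dp.state_desc, dp.permission_name
FROM sys.database_permissions AS dp
JOIN sys.database_principals AS p ON p.principal_id = dp.grantee_principal_id
WHERE p.name = N'guest'
  AND dp.permission_name = N'CONNECT'
  AND dp.state IN ('G', 'W');   -- GRANT or GRANT WITH GRANT OPTION

-- 6. Build and service-pack level, to compare against the current hotfix list.
SELECT SERVERPROPERTY('ProductVersion') AS product_version,
       SERVERPROPERTY('ProductLevel')   AS product_level,
       SERVERPROPERTY('Edition')        AS edition;
```

Any row returned by query 4 or query 5, a result of 1 from query 1, or "Mixed mode" from query 3 is a finding to review against the recommendations above.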
What is a deadlock and what is a live lock? How will you go about
resolving deadlocks?
A deadlock can occur when two or more processes that strive to acquire resources are not able to acquire them due to some of the following reasons:
- Two processes may be interdependent upon each other.
- If there are more than two processes and a graph of their dependencies is plotted, there could be a cycle.
A server maintains a graph. The processes acquiring the resources notify the server of their requirements. If the server detects an occurrence of a deadlock, the user process is terminated.
In a livelock, a request for an exclusive lock is denied repeatedly due to a series of overlapping shared locks that keep interfering.
SQL Server detects this situation after four denials and then refuses further shared locks.
A livelock occurs when a write transaction is forced to wait indefinitely because read transactions monopolize a table or a page.
Explain 'HostProtectionAttribute' in SQL Server 2005.
It allows the use of declarative security actions to determine host protection requirements. This class cannot be inherited.