Securing SQL Server
Apress (Verlag)
978-1-4842-4160-8 (ISBN)
Database professionals in today’s world deal increasingly with repeated data attacks against high-profile organizations and sensitive data. It is more important than ever to keep your company’s data secure. Securing SQL Server demonstrates how developers, administrators and architects can all play their part in the protection of their company’s SQL Server enterprise.
This book not only provides a comprehensive guide to implementing the security model in SQLServer, including coverage of technologies such as Always Encrypted, Dynamic Data Masking, and Row Level Security, but also looks at common forms of attack against databases, such as SQL Injection and backup theft, with clear, concise examples of how to implement countermeasures against these specific scenarios. Most importantly, this book gives practical advice and engaging examples of how to defend your data, and ultimately your job, against attack and compromise.
What You'll Learn
Perform threat analysis
Implement access level control and data encryption
Avoid non-reputability by implementing comprehensive auditing
Use security metadata to ensure your security policies are enforced
Mitigate the risk of credentials being stolen
Put countermeasures in place against common forms of attack
Who This Book Is For
Database administrators who need to understand and counteract the threat of attacks against their company’s data, and useful for SQL developers and architects
Peter Carter is a SQL Server expert with over 15 years of experience in database development, administration, and platform engineering. He is currently a consultant, based in London, England, UK. Peter has written several books across a variety of SQL Server topics, including security, high availability, automation, administration, and working with complex data types.
Part I. Database Security.- 1. Threat Analysis and Compliance.- 2. SQL Server Security Model.- 3. SQL Server Audit.- 4. Data-Level Security.- 5. Encryption in SQL Server .- 6. Security Metadata.- 7. Implementing Service Accounts for Security.- 8. Protecting Credentials.- 9. Reducing the Attack Surface.-.-Part II. Threats and Countermeasures.- 10. SQL Injection.- 11. Hijacking an Instance.- 12. Database Backup Theft.-13. Code Injection.- 14. Whole Value Substitution Attacks.
Erscheinungsdatum | 07.12.2018 |
---|---|
Zusatzinfo | 91 Illustrations, black and white; XVII, 349 p. 91 illus. |
Verlagsort | Berkley |
Sprache | englisch |
Maße | 178 x 254 mm |
Themenwelt | Informatik ► Datenbanken ► SQL Server |
Informatik ► Netzwerke ► Sicherheit / Firewall | |
Mathematik / Informatik ► Informatik ► Software Entwicklung | |
ISBN-10 | 1-4842-4160-6 / 1484241606 |
ISBN-13 | 978-1-4842-4160-8 / 9781484241608 |
Zustand | Neuware |
Haben Sie eine Frage zum Produkt? |
aus dem Bereich