Securing SQL Server - Peter A. Carter

Securing SQL Server (eBook)

DBAs Defending the Database

(Autor)

eBook Download: PDF
2018 | 2nd ed.
XVII, 349 Seiten
Apress (Verlag)
978-1-4842-4161-5 (ISBN)
Systemvoraussetzungen
66,99 inkl. MwSt
  • Download sofort lieferbar
  • Zahlungsarten anzeigen
Protect your data from attack by using SQL Server technologies to implement a defense-in-depth strategy for your database enterprise. This new edition covers threat analysis, common attacks and countermeasures, and provides an introduction to compliance that is useful for meeting regulatory requirements such as the GDPR. The multi-layered approach in this book helps ensure that a single breach does not lead to loss or compromise of confidential, or business sensitive data.

Database professionals in today's world deal increasingly with repeated data attacks against high-profile organizations and sensitive data. It is more important than ever to keep your company's data secure. Securing SQL Server demonstrates how developers, administrators and architects can all play their part in the protection of their company's SQL Server enterprise.

This book not only provides a comprehensive guide to implementing the security model in SQL Server, including coverage of technologies such as Always Encrypted, Dynamic Data Masking, and Row Level Security, but also looks at common forms of attack against databases, such as SQL Injection and backup theft, with clear, concise examples of how to implement countermeasures against these specific scenarios. Most importantly, this book gives practical advice and engaging examples of how to defend your data, and ultimately your job, against attack and compromise.


What You'll Learn
  • Perform threat analysis
  • Implement access level control and data encryption
  • Avoid non-reputability by implementing comprehensive auditing
  • Use security metadata to ensure your security policies are enforced
  • Mitigate the risk of credentials being stolen
  • Put countermeasures in place against common forms of attack

Who This Book Is For

Database administrators who need to understand and counteract the threat of attacks against their company's data, and useful for SQL developers and architects



Peter Carter is a SQL Server expert with over 15 years of experience in database development, administration, and platform engineering. He is currently a consultant, based in London, England, UK. Peter has written several books across a variety of SQL Server topics, including security, high availability, automation, administration, and working with complex data types.


Protect your data from attack by using SQL Server technologies to implement a defense-in-depth strategy for your database enterprise. This new edition covers threat analysis, common attacks and countermeasures, and provides an introduction to compliance that is useful for meeting regulatory requirements such as the GDPR. The multi-layered approach in this book helps ensure that a single breach does not lead to loss or compromise of confidential, or business sensitive data.Database professionals in today's world deal increasingly with repeated data attacks against high-profile organizations and sensitive data. It is more important than ever to keep your company's data secure. Securing SQL Server demonstrates how developers, administrators and architects can all play their part in the protection of their company's SQL Server enterprise.This book not only provides a comprehensive guide to implementing the security model in SQLServer, including coverage of technologies such as Always Encrypted, Dynamic Data Masking, and Row Level Security, but also looks at common forms of attack against databases, such as SQL Injection and backup theft, with clear, concise examples of how to implement countermeasures against these specific scenarios. Most importantly, this book gives practical advice and engaging examples of how to defend your data, and ultimately your job, against attack and compromise.What You'll LearnPerform threat analysisImplement access level control and data encryptionAvoid non-reputability by implementing comprehensive auditingUse security metadata to ensure your security policies are enforcedMitigate the risk of credentials being stolenPut countermeasures in place against common forms of attackWho This Book Is ForDatabase administrators who need to understand and counteract the threat of attacks against their company's data, and useful for SQL developers and architects

Peter Carter is a SQL Server expert with over 15 years of experience in database development, administration, and platform engineering. He is currently a consultant, based in London, England, UK. Peter has written several books across a variety of SQL Server topics, including security, high availability, automation, administration, and working with complex data types.

Part I. Database Security1. Threat Analysis and Compliance2. SQL Server Security Model3. SQL Server Audit4. Data-Level Security5. Encryption in SQL Server 6. Security Metadata7. Implementing Service Accounts for Security8. Protecting Credentials9. Reducing the Attack SurfacePart II. Threats and Countermeasures10. SQL Injection11. Hijacking an Instance12. Database Backup Theft13. Code Injection14. Whole Value Substitution Attacks

Erscheint lt. Verlag 14.11.2018
Zusatzinfo XVII, 349 p. 91 illus.
Verlagsort Berkeley
Sprache englisch
Themenwelt Informatik Datenbanken SQL Server
Informatik Netzwerke Sicherheit / Firewall
Mathematik / Informatik Informatik Programmiersprachen / -werkzeuge
Schlagworte Always Encrypted • Auditing • Backup Theft • Countermeasures • credentials • Database Audit • Dynamic Data Masking • Encryption • gdpr • Hardening the Database • Impersonation • Ownership Chaining • Public Key Certificates • Row-Level Security • Securing SQL Server • Security auditing • Server Roles • SQL Injection • threat analysis • Transparent Data Encryption
ISBN-10 1-4842-4161-4 / 1484241614
ISBN-13 978-1-4842-4161-5 / 9781484241615
Haben Sie eine Frage zum Produkt?
PDFPDF (Wasserzeichen)
Größe: 10,7 MB

DRM: Digitales Wasserzeichen
Dieses eBook enthält ein digitales Wasser­zeichen und ist damit für Sie persona­lisiert. Bei einer missbräuch­lichen Weiter­gabe des eBooks an Dritte ist eine Rück­ver­folgung an die Quelle möglich.

Dateiformat: PDF (Portable Document Format)
Mit einem festen Seiten­layout eignet sich die PDF besonders für Fach­bücher mit Spalten, Tabellen und Abbild­ungen. Eine PDF kann auf fast allen Geräten ange­zeigt werden, ist aber für kleine Displays (Smart­phone, eReader) nur einge­schränkt geeignet.

Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen dafür einen PDF-Viewer - z.B. den Adobe Reader oder Adobe Digital Editions.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen dafür einen PDF-Viewer - z.B. die kostenlose Adobe Digital Editions-App.

Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.

Mehr entdecken
aus dem Bereich
A Practical Guide to Analyzing Performance in SQL Server and Azure …

von Thomas LaRock; Enrico van de Laar

eBook Download (2023)
Apress (Verlag)
62,99