MS2787 Designing Security for Microsoft SQL Server 2005
|Please Note: Dates are for courses conducted by our training partner in Sydney. Newcastle based training dates available on request|
|Walk-In Week starting:||Call 02 4969-0690 for the next course date|
This two-day instructor-led course enables database administrators who work with enterprise
environments to design security for database systems using Microsoft SQL ServerT 2005. The course emphasizes
that students should think about the whole environment, which includes business needs, regulatory requirements,
network systems, and database considerations during design. Students will also learn how to monitor security
and respond to threats.
Before attending this course, students must:
- Have basic knowledge of security protocols and how they work. For example, Windows NT LAN Manager (NTLM) or Kerberos.
- Have basic knowledge of public key infrastructure (PKI) systems.
- Have working knowledge of network architectures and technologies.
- Have working knowledge of Active Directory directory service.
- Be able to design a database to third normal form (3NF) and know the tradeoffs when
backing out of the fully normalized design (denormalization) and designing for performance
and business requirements in addition to being familiar with design models, such as Star and Snowflake schemas.
- Have strong monitoring and troubleshooting skills.
- Have experience creating Microsoft Office Visio drawings or have equivalent knowledge.
- Have strong knowledge of the operating system and platform.
- Have basic knowledge of application architecture.
- Have knowledge about network security tools.
- Be able to use patch management systems.
- Have knowledge of common attack methods. For example, buffer overflow, and replay attacks.
- Be familiar with SQL Server 2005 features, tools, and technologies.
- Have a Microsoft Certified Technology Specialist: Microsoft SQL Server 2005 credential or equivalent experience.
Module 1: Introduction to Designing SQL Server Security
This module introduces the principles and methodology of designing SQL Server security.
This module also explains the benefits of having a security policy in place and the
process of creating a security policy. In addition, this module teaches you the
importance of monitoring the security of SQL Server.
Module 2: Designing a SQL Server Systems Infrastructure Security Policy
- Principles of Database Security
- Methodology for Designing a SQL Server Security Policy
- Monitoring SQL Server Security
This module provides the guidelines for implementing server-level security using
authentication methods. This module also provides the knowledge required to develop a
Microsoft Windows server-level security policy. To enable you to do this, this module
provides the guidelines to create password policy and determine service accounts
permissions. In addition, this module explains how to select an appropriate
encryption method to develop a secure communication policy. This module also
explains the monitoring standards for SQL Server.
Module 3: Designing Security Policies for Instances and Databases
- Integrating with Enterprise Authentication Systems
- Developing Windows Server-Level Security Policies
- Developing a Secure Communication Policy
- Defining SQL Server Security Monitoring Standards
This module explains how to design SQL Server instance-level, database-level, and
object-level security policies. This module teaches the security monitoring
standards for instances and databases.
- Designing an Instance-Level Security Policy
- Designing a Database-Level Security Policy
- Designing an Object-Level Security Policy
- Defining Security Monitoring Standards for Instances and Databases
Module 4: Integrating Data Encryption into a Database Security Design
This module provides the guidelines and considerations for security data using
encryption and certificates. This module also describes various data encryption
policies. Finally, this module shows how to determine a key storage method.
Module 5: Designing a Security Exceptions Policy
- Securing Data by Using Encryption and Certificates
- Designing Data Encryption Policies
- Determining a Key Storage Method
This module provides guidelines for gathering business and regulatory requirements
and comparing them with existing policy. This module also covers how to
determine the exceptions and their impact on security.
Module 6: Designing a Response Strategy for Threats and Attacks
- Analyzing Business and Regulatory Requirements
- Determining the Exceptions and their Impact
This module provides guidelines to respond to virus and worm attacks,
denial-of-service attacks, and injection attacks.
- Designing a Response Policy for Virus and Worm Attacks
- Designing a Response Policy for Denial-of-Service Attacks
- Designing a Response Policy for Internal and SQL Injection Attacks
|Forsythes Training provides instructor led computer training on the Microsoft Office and Adobe range of applications.|
We service Sydney, Newcastle, the Hunter Valley, Lake Macquarie, Central and Northern Coasts of New South Wales (NSW) Australia.With our mobile training room we can provide a range of courses on-site at your premises.