Tasuta saatmine! | Klienditugi: 7440010 (E-R 10-18)

Abi | Registreeri | Logi sisse

E-raamat: Securing SQL Server: DBAs Defending the Database

4.00/5 (2 hinnangut Goodreads-ist)

Peter A. Carter

Formaat: EPUB+DRM
Sari: Professional and Applied Computing
Ilmumisaeg: 14-Nov-2018
Kirjastus: APress
Keel: eng
ISBN-13: 9781484241615

Teised raamatud teemal:

Formaat - EPUB+DRM
Hind: 67,91 €*
* hind on lõplik, st. muud allahindlused enam ei rakendu
Lisa ostukorvi
Lisa soovinimekirja
See e-raamat on mõeldud ainult isiklikuks kasutamiseks. E-raamatuid ei saa tagastada.

Formaat: EPUB+DRM
Sari: Professional and Applied Computing
Ilmumisaeg: 14-Nov-2018
Kirjastus: APress
Keel: eng
ISBN-13: 9781484241615

Teised raamatud teemal:

DRM piirangud

Kopeerimine (copy/paste):

ei ole lubatud
Printimine:

ei ole lubatud
Kasutamine:

Digitaalõiguste kaitse (DRM)
Kirjastus on väljastanud selle e-raamatu krüpteeritud kujul, mis tähendab, et selle lugemiseks peate installeerima spetsiaalse tarkvara. Samuti peate looma endale Adobe ID Rohkem infot siin. E-raamatut saab lugeda 1 kasutaja ning alla laadida kuni 6'de seadmesse (kõik autoriseeritud sama Adobe ID-ga).

Vajalik tarkvara
Mobiilsetes seadmetes (telefon või tahvelarvuti) lugemiseks peate installeerima selle tasuta rakenduse: PocketBook Reader (iOS / Android)

PC või Mac seadmes lugemiseks peate installima Adobe Digital Editionsi (Seeon tasuta rakendus spetsiaalselt e-raamatute lugemiseks. Seda ei tohi segamini ajada Adober Reader'iga, mis tõenäoliselt on juba teie arvutisse installeeritud )

Seda e-raamatut ei saa lugeda Amazon Kindle's.

Protect your data from attack by using SQL Server technologies to implement a defense-in-depth strategy for your database enterprise. This new edition covers threat analysis, common attacks and countermeasures, and provides an introduction to compliance that is useful for meeting regulatory requirements such as the GDPR. The multi-layered approach in this book helps ensure that a single breach does not lead to loss or compromise of confidential, or business sensitive data.

Database professionals in today’s world deal increasingly with repeated data attacks against high-profile organizations and sensitive data. It is more important than ever to keep your company’s data secure. Securing SQL Server demonstrates how developers, administrators and architects can all play their part in the protection of their company’s SQL Server enterprise.

This book not only provides a comprehensive guide to implementing the security model in SQL Server, including coverage of technologies such as Always Encrypted, Dynamic Data Masking, and Row Level Security, but also looks at common forms of attack against databases, such as SQL Injection and backup theft, with clear, concise examples of how to implement countermeasures against these specific scenarios. Most importantly, this book gives practical advice and engaging examples of how to defend your data, and ultimately your job, against attack and compromise.

What You'll Learn

Perform threat analysis
Implement access level control and data encryption
Avoid non-reputability by implementing comprehensive auditing
Use security metadata to ensure your security policies are enforced
Mitigate the risk of credentials being stolen
Put countermeasures in place against common forms of attack

Who This Book Is For

Database administrators who need to understand and counteract the threat of attacks against their company’s data, and useful for SQL developers and architects

About the Author

About the Technical Reviewer

xiii

Acknowledgments

Introduction

xvii

Part I Database Security

(218)

Chapter 1 Threat Analysis and Compliance

(20)

Threat Modeling

(14)

Understanding Threat Modeling

(2)

Identifying Assets

(1)

Creating an Architecture Overview

(3)

Creating a Security Profile

(2)

Identifying Threats

(2)

Rating Threats

(4)

Creating Countermeasures

(1)

Compliance Considerations

(2)

Introducing SOX for SQL Server

(1)

Introducing GDPR For SQL Server

(1)

Summary

(3)

Chapter 2 SQL Server Security Model

(28)

Security Principal Hierarchy

(2)

Instance Level Security

(13)

Logins

(8)

Server Roles

(4)

Credentials

(1)

Database-Level Security

(10)

Users

(8)

Database Roles

(2)

Summary

(2)

Chapter 3 SQL Server Audit

(26)

Understanding SQL Server Audit

(13)

SQL Server Audit Actions and Action Groups

(12)

Implementing SQL Server Audit

(10)

Creating a Server Audit

(6)

Create a Server Audit Specification

(1)

Create a Database Audit Specification

(3)

Creating Custom Audit Events

(2)

Creating the Server Audit and Database Audit Specification

(1)

Raising the Event

(1)

Summary

(1)

Chapter 4 Data-Level Security

(20)

Schemas

(3)

Ownership Chaining

(3)

Impersonation

(2)

Row-Level Security

(6)

Security Predicates

(1)

Security Policies

(1)

Implementing RLS

(4)

Dynamic Data Masking

(5)

Summary

(1)

Chapter 5 Encryption in SQL Server

(36)

Generic Encryption Concepts

(2)

Defense in Depth

(1)

Symmetric Keys

(1)

Asymmetric Keys

(1)

Certificates

(1)

Self-Signed Certificates

(1)

Windows Data Protection API

(1)

SQL Server Encryption Concepts

(4)

Master Keys

(3)

EKM and Key Stores

102

(1)

SQL Server Encryption Hierarchy

102

(1)

Encrypting Data

103

(11)

Encrypting Data With a Password or Passphrase

103

(6)

Encrypting Data with Keys and Certificates

109

(5)

Transparent Data Encryption

114

(5)

Considerations for TDE With Other Technologies

115

(1)

Implementing TDE

116

(2)

Administering TDE

118

(1)

Always Encrypted

119

(11)

Implementing Always Encrypted

121

(9)

Summary

130

(3)

Chapter 6 Security Metadata

133

(26)

Security Principal Metadata

133

(4)

Finding a User's Effective Permissions

134

(3)

Securable Metadata

137

(5)

Code Signing

138

(3)

Permissions Against a Specific Table

141

(1)

Audit Metadata

142

(3)

Encryption Metadata

145

(7)

Always Encrypted Metadata

145

(3)

TDE Metadata

148

(4)

Credentials Metadata

152

(2)

Securing Metadata

154

(3)

Risks of Metadata Visibility

156

(1)

Summary

157

(2)

Chapter 7 Implementing Service Accounts for Security

159

(16)

Service Account Types

159

(3)

Virtual Accounts

160

(1)

Managed Service Accounts

161

(1)

SQL Server Services

162

(9)

How Service Accounts Can Become Compromised

171

(1)

Designing a Pragmatic Service Account Strategy

172

(2)

Summary

174

(1)

Chapter 8 Protecting Credentials

175

(18)

Protecting the sa Account

175

(13)

DBA Steps to Mitigate the Risks

176

(12)

Protecting User Accounts

188

(3)

Auditing Passwords Susceptible to Word List Attacks

189

(2)

Protecting Windows Accounts

191

(1)

Summary

192

(1)

Chapter 9 Reducing the Attack Surface

193

(26)

Network Configuration

193

(12)

Understanding Ports and Protocols

193

(6)

Firewall Requirements for SQL Server

199

(6)

Miscellaneous Considerations

205

(1)

Ensuring that Unsafe Features Remain Disabled

206

(10)

Configuring the Surface Area Manually

207

(1)

Managing Features With Policy-Based Management

208

(8)

Summary

216

(3)

Part II Threats and Countermeasures

219

(122)

Chapter 10 SQL Injection

221

(26)

Preparing the Environment

221

(9)

Performing SQL Injection Attacks

230

(10)

Spoofing a User Identity

230

(2)

Using SQL Injection to Leak Information

232

(4)

Destructive Attacks

236

(2)

Attacking the Network

238

(2)

Preventing SQL Injection Attacks

240

(4)

Using an Abstraction Layer

241

(1)

Access via Stored Procedures Only

242

(2)

Summary

244

(3)

Chapter 11 Hijacking an Instance

247

(28)

Hijacking an Instance

247

(5)

Protecting Against Hijacking

252

(22)

Understanding Logon Triggers

253

(1)

Using Logon Triggers to Prevent Instance Hijacking

254

(6)

Understanding Server Agent

260

(13)

Putting it all Together

273

(1)

Summary

274

(1)

Chapter 12 Database Backup Theft

275

(32)

Overview of Backups

275

(9)

Recovery Modes

275

(4)

Backup Types

279

(1)

Backup Media

280

(4)

Securing Backup Media

284

(11)

Physical Security

284

(1)

Encrypting Backups

285

(10)

Attempting to Steal an Encrypted Backup

295

(7)

Administrative Considerations for Encrypted Backups

302

(4)

Key Management

302

(1)

Backup Size

303

(3)

Summary

306

(1)

Chapter 13 Code Injection

307

(18)

Understanding Code Injection

307

(5)

Understanding EXECUTE AS

308

(2)

Using EXECUTE AS to Perform a Code Injection Attack

310

(2)

Protecting Against Code Injection

312

(9)

DevOps

313

(1)

Using Policy-Based Management to Protect Against Code Injection

313

(8)

Code Signing

321

(3)

Summary

324

(1)

Chapter 14 Whole Value Substitution Attacks

325

(16)

Understanding Whole Value Substitution Attacks

325

(7)

Salary Manipulation Example

326

(3)

Credit Card Fraud Example

329

(3)

Protecting Against Whole Value Substitution Attacks

332

(3)

Performance Considerations

335

(4)

Summary

339

(2)

Index

341

Peter Carter is a SQL Server expert with over 15 years of experience in database development, administration, and platform engineering. He is currently a consultant, based in London, England, UK. Peter has written several books across a variety of SQL Server topics, including security, high availability, automation, administration, and working with complex data types.

Lisainfo e-raamatute kohta

Püsilink: https://www.kriso.ee/db/97814842416156e.html

E-raamat: Securing SQL Server: DBAs Defending the Database

DRM piirangud

Kopeerimine (copy/paste):

Printimine:

Kasutamine:

Konto & seaded

Otsing

Otsingu andmebaas

Filtreeri tulemusi

Teemad E-raamatute teemad

Vali ostukorv