From: reynolds (雷龙.DBA中)
Compiled by: reynolds (2002-02-28 15:19:48), on-site mail
101. You are the administrator of a SQL Server 2000 computer. The server contains a database named EmployeeData. Your company's human resources department uses this database, which contains several tables as shown in the following table.
Table name   Used for
Employees    Employee names, addresses, departments, and base salaries
Bonuses      Bonuses that have been paid to employees
Awards       Awards that have been presented to employees
The human resources department wants to make employee names, addresses, and awards available to anyone who has permission to access the server. However, the human resources department wants to allow only users in the human resources department to access salary and bonus information. You need to allow company users to access only the appropriate employee information. What should you do?
A. Create a trigger on the Salary column of the Employees table.
B. Create a stored procedure that retrieves all of the data from the Employees and Awards tables, inserts the data into a temporary table, and then grants the current user SELECT permissions on the temporary table.
Grant the Guest database user EXECUTE permissions on the stored procedure.
C. Move the sensitive information out of the Employees table into a new table.
Grant the Guest database user SELECT permission on the Employees table.
D. Create a view that contains the name, address, and award information.
Grant the Guest database user SELECT permissions on the view.
Answer: D
Reason:
102. You are the administrator of a SQL Server 2000 computer. The server is used to store sales and product information for your company. A client/server application accesses the server by activating an application role named SalesAppRole. Several users report that they are unable to use the client/server application. You test the application and discover that it cannot log on to the server. You examine your security audit logs, which contain the information below:
EventClass                 TextData                                 LoginName
Audit Object Permission    Select * FROM [customers]                Martha
Audit Object Permission    Select [productname] * [productname] FR… Martha
Audit Object Permission                                             Byron
Audit Object Permission    -- sp_Mshasdbaccess select name as ‘…    Byron
Audit Object Permission    UPDATE [Customers] SET [CompanyName] =…  Martha
Audit Object Permission    UPDATE [Customers] SET [CompanyName] =…  Martha
Audit Object Permission    -- ‘sp_approlepassword’ was found in…    Byron
Audit App Role Change Pa…                                           Byron
Audit Object Permission    -- ‘sp_approlepassword’ was found in…    Byron
Audit Object Permission    -- ‘sp_approlepassword’ was found in…    Byron
Audit Object Permission    -- ‘sp_approlepassword’ was found in…    Byron
Audit Object Permission    UPDATE [Customers] SET [CompanyName] =…  Maria
Audit Object Permission    UPDATE [Customers] SET [CompanyName] =…  Maria
Audit Object Permission    -- ‘sp_setapprole’ was found in the t…   Byron
You need to enable the application to log on to the server. What should you do?
A. Configure the database permissions to deny Martha access to the database.
B. Reset the password on the SalesAppRole application role.
C. Reset the permissions on the SalesAppRole application role.
D. Add the SalesAppRole application role to the db_owner database role.
E. Remove Byron’s database user account.
F. Enable encryption on the password for the SalesAppRole application role.
Answer: B
Reason: It looks like Byron changed the role's password.
103. You are the administrator of a SQL Server 2000 computer. The server is used to store confidential company information. Company policy requires that every action and change of permission on the server be logged. Policy also requires that the server can run only when logging is enabled. You need to configure the server to comply with this policy. What should you do?
A. Use SQL Profiler to capture security events and audit events.
Make sure that file rollover is enabled.
B. On the Security tab of the Server Properties dialog box, set the audit level to All.
C. Configure the server to use Windows Authentication.
Make sure the Windows security log does not overwrite events.
D. Set the c2 audit mode option to 1.
Restart the MSSQLServer service.
Answer: D
Reason:
======================================================================
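Auditing SQL Server Activity
Microsoft® SQL Server™ 2000 provides auditing to trace and record activity that has occurred on each instance of SQL Server (such as success and failure records). SQL Server 2000 also provides an interface for managing audit records, namely SQL Profiler. Only members of the sysadmin fixed security role can enable or modify auditing, and every modification of an audit is itself an auditable event.
There are two types of auditing:
Auditing, which provides some level of auditing but does not require the same number of policies as C2 auditing.
C2 auditing, which requires compliance with very specific security policies. For more information about C2 auditing, see C2 Auditing.
Both types of auditing can be performed by using SQL Profiler.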
======================================================================
104. You are the administrator of a SQL Server 2000 computer. The server is a member of a Windows NT domain and is configured for Windows Authentication. The server contains a database that stores contact information for public officials in your region. These officials need to access the database by means of the Internet by using the Guest login. However, some users report that they cannot connect to the server by means of the Internet. You need to allow anyone access to the server by means of the Internet. What should you do?
A. Assign the Guest login a blank password.
B. Delete the Guest login and create a new login that is mapped to the Guest domain user account.
C. Create a database user named Anonymous and assign the user the appropriate database permissions.
D. Configure the server for Mixed Mode authentication.
Answer: D
Reason:
105. You are the administrator of a SQL Server 2000 computer at a doctor's office. The server contains a database named Medical. The database stores patient and treatment information and is configured as shown below:
See http://www.cheet-sheets.com/228/image18.jpg
The office accountant needs access to the total number of treatments that have been performed in the office. The accountant should not have access to any other patient data and should not be able to change any information in the database. The accountant has a SQL Server Authenticated login and database user account named AccountUser. You need to make the appropriate information available to the accountant, while protecting the other information in the database. Which batch of Transact-SQL statements should you execute?
A. CREATE VIEW TotalTreatments AS SELECT COUNT(PatientID) AS Total FROM dbo.Patients
GO
GRANT ALL ON TotalTreatments TO AccountUser
B. CREATE VIEW TotalTreatments AS SELECT COUNT(*) AS Total FROM dbo.Patients
GO
GRANT ALL ON TotalTreatments TO AccountUser
C. CREATE PROCEDURE TotalTreatments AS SELECT COUNT(*) AS Total FROM dbo.Patients
GO
GRANT ALL ON TotalTreatments TO AccountUser
D. CREATE PROCEDURE TotalTreatments AS SELECT COUNT(PatientID) AS Total FROM dbo.Patients
GO
GRANT ALL ON TotalTreatments TO AccountUser
Answer: C
Reason:
A fish that swims around NetEase every day