|
发信人: reynolds(雷龙.DBA中) 整理人: reynolds(2002-06-13 14:15:11), 站内信件 |
| 111. You are the administrator of a SQL Server 2000 computer named DataSvr. The server is a member of a Microsoft Windows NT domain. DataSvr is currently configured for Windows Authentication and contains logins for several domain user groups. The server is configured to use the Named Pipes Net-Library. Your company purchases five UNIX client computers. You want to allow employees who will be using these computers to access DataSvr. What should you do?
A. Configure DataSvr for Mixed Mode authentication. Add a login for a domain user group that includes the five UNIX computers. B. Configure DataSvr for Mixed Mode authentication. Add a login for each of the five UNIX users. C. Install the TCP/IP Net-Library. Add the five UNIX users to a domain user group that has access to DataSvr. D. Install the TCP/IP Net-Library. Add a login for each of the five UNIX users. Answer: B Reason: Unix客户是无法采用Windows验证方式的,所以必须为每一个Unix客户设定一个安全账户。 112. You are the administrator of an SQL Server 2000 computer named CorpSQL. The server is a member of a Microsoft Windows NT domain named CORPORATE. Franz maintains a local user account on CorpSQL and is a member of the local Power Users group. He requests access to the SQL Server databases that are stored on CorpSQL. You need to allow Franz to access CorpSQL. Which Transact-SQL statement should you execute? A. EXEC sp_grantlogin Franz B. EXEC sp_grantlogin CORPORATE\Franz C. EXEC sp_grantlogin Power Users\Franz D. EXEC sp_grantlogin CorpSQL\Franz Answer: D Reason: Franz是CorpSQL服务器上的一个本地安全账号,而不是域安全账号。 113. You are the administrator of a SQL Server 2000 computer. The server is a member of a Microsoft Windows NT domain named CORPHQ. Several users need access to the server. These users are members of a domain user group named Receptionists. The Receptionists group also contains users who should not have access to the server. These users are also members of a domain user group named TempEmployees. You need to allow only the appropriate users to access the server. Which Transact-SQL statement should you execute? A. EXEC sp_addlogin 'CORPHQ\Receptionists' EXEC sp_droplogin 'CORPHQ\TempEmployees' B. EXEC sp_addlogin 'CORPHQ\TempEmployees' EXEC sp_addlogin 'CORPHQ\Receptionists' REVOKE ALL ON Master FROM CORPHQ\TempEmployees C. EXEC sp_addlogin 'CORPHQ\Receptionists' EXEC sp_denylogin 'CORPHQ\TempEmployees' D. EXEC sp_addlogin 'CORPHQ\TempEmployees' EXEC sp_addlogin 'CORPHQ\Receptionists' GRANT ALL ON Master TO CORPHQ\Receptionists Answer: C Reason: 显式禁止。 114. You are the administrator of a SQL Server 2000 computer. The server is used to store confidential information about company employees. You suspect that at least one user is accessing the employee information database without company approval. You believe the access is occurring after business hours. You need to discover whether users are accessing the database without approval and which users are accessing the data. You also want to minimize any additional overhead on the server during business hours. What should you do? A. Use SQL Profiler to capture security events and audit events. B. On the Security tab of the Server Properties dialog box, set the audit level option to All. C. Configure the server to use Windows Authentication. Make sure the Windows security log does not overwrite events. D. Set the c2 audit mode option to 1. Restart the MSSQLServer service. Answer: A Reason: 答案B的设定只是审计登录成功与否,而不是数据库的访问。C也不行,数据库内部操作是不会记录到Windows安全日志中去的。答案D可行,但是负载太大了。 115. You are the administrator of a SQL Server 2000 computer. The server is used to store information for your company's finance department. The permissions on the FinanceInfo database are configured as shown below: Users/Database Role Create Table Create View Create SP Accountants Deny Blank Deny Administrators Grant Blank Blank Public Blank Blank Blank AppRole1 Blank Blank Blank Managers Grant Grant Grant Salespeople Blank Blank Blank Byron Blank Deny Blank Lilly Grant Blank Blank Byron is a member of the Accountants database role. He needs to add a new view to the database. You need to configure the database to allow Byron to add a new view. Which two actions should you take? (Each correct answer represents part of the solution. Choose two.) A. Add Byron to the Managers database role. B. Add Byron to the Administrators database role. C. Revoke the CREATE TABLE permissions for Byron. D. Revoke the CREATE PROCEDURE permissions for Byron. E. Revoke the CREATE VIEW permissions for Byron. Answer: A E Reason: 除去明显的Deny。 ---- / <>< o /| / <>< (o / |/| ) ) <@ < ( O )( \ |\| <>< ) <>< () \| \ \ 每天在网易游水的鱼 |
|
[关闭][返回] |