security's questions - English 1answer

781 security questions.

I'm using SQL Server 2016 for these tests. The following did not allow me to create a table in schema S for user U USE [D]; GRANT CONTROL ON SCHEMA :: [S] TO [U]; But this did: USE [D] GRANT ALTER ...

I have a server which runs third party software (called Visualcut) to email Crystal Reports to our users. When I log onto the Visualcut Server, I can open the software and then preview a report. This ...

Due to GDPR, we are seeking software to help identify malicious activity or data breaches from our production SQL Server. It seems if we were using Azure, this is a flick of a switch. What is ...

I have an AD group that is setup as a Windows Authenticated SQL Login on my SQL Server. On DatabaseA it has the db_datareader and public roles. So the users of this AD group only have read access to ...

I'm having some friction when it comes to showplan permission security. Say there are 5 databases on a server. And each one has a test/ production split (so 10 total). There is one sysadmin. There ...

As the Title suggest, is there a way to check what IP used a particular SQL Script? The scenario is, there is a recreation script in a email and we hypothesize that somehow, that recreation script ...

What permissions should I use for Active Directory groups to be able to deploy and then run/schedule their own jobs only? For example, I have 3 folders in the Integration Services catalog. Dept_A, ...

I have an odd encryption and decryption problem. Encryption worked fine in SQL 2008 R2, we were using TRIPLE_DES_3KEY. This has been deprecated in SQL 2016, so we were are testing out AES_256. My ...

We are getting the above error on a SQL 2012 server running Windows Server 2008R2 when connecting using an application and a service account. The server also has Config Manager database and GAP policy ...

Is it true that stored procedures prevent SQL injection attacks against PostgreSQL databases? I did a little research and found out that SQL Server, Oracle and MySQL are not safe against SQL injection ...

I'm building a shared hosting SQL Server tool for linux, where users only receive access to their own database, with a SQL Login and SQL Database User that has db_datareader, db_datawriter and ...

Since 9.2, it's been possible to use the security_barrier attribute to guard against maliciously-chosen functions and operators accessing data 'hidden' behind filters in views (full info in the ...

I am in the process of building a new environment for my company's Customer Relationship Management (CRM) system. This system is a commercially available product which uses SQL Server as its back end ...

I'm building an application that is attached to a legacy application database. The application has it's own database that is on the same server as the legacy database. My application is ASP.NET and ...

I'm setting up a new server using MariaDB (current stable version of 10.3) and I notice that all of my users - mainly root and debian-sys-maint - do not have an authentication_string after the ...

I'm redesigning security setup in our database. I was in process of defining certain user-defined roles and - as I find it handy - on the other monitor I was browsing documentation to make sure I don'...

I want to enable audit trail for specific user, but only for sessions when this user connect to database using one specific module applications. For ex. I want to enable audit trail for user test1 ...

The MariaDB knowledge base article for the command mysql_secure_installation states that mysql_secure_installation accepts some options: basedir defaults-extra-file defaults-file no-defaults No ...

I intend to be using a UNIQUEIDENTIFIER as an access key that users can use to access certain data. The key will act as a password in that sense. I need to generate multiple such identifiers as part ...

The security folks want all AD passwords to expire every three months. I'm really not excited about this, since I definitely won't remember, and I'll likely be on my boat, drunk, when they expire. ...

I can not log in to SQL Server 2008 using SQL Server authentication. I can only log in using Windows Authentication Mode. I chose only defaults while installing SQL Server 2008 R2.

I'm implementing a new feature which requires data from databases on multiple servers. I just need to union data from all these servers and sort it. The two options that come to mind are: Use linked ...

I have been working on a solution to synchronise logins (using T-SQL) between 2 servers, or between AlwaysOn nodes, inspired by sqlsoldier. It requires a linked Server. When run, this procedure ...

I have been working on a solution to synchronise logins (using T-SQL) between 2 servers, or between AlwaysOn nodes, inspired by sqlsoldier. It requires a linked Server. this is a partial view of the ...

I have a database that will be shared across multiple related types of applications for different users. I want to be able to restrict each database user to essentially have full control over their ...

I administer a small datawarehouse in Oracle. My user dwhmanager was given the SELECT ANY TABLE privilege: GRANT SELECT ANY TABLE TO dwhmanager WITH ADMIN OPTION; The idea was to have the ability to ...

We are trying to implement failed_login profile for account lock on MySQL. didn't find it on documentation. Our version is 5.7.12.

Need help resetting mongodb back to its original state. We have a flask app running with mongodb with authentication turned off. Running on Ubuntu with std Flask. We tried ALL sorts of combinations ...

I'm trying to set up a user to allow them access from localhost and from a specific named server. Is this possible in MySQL and if it is how do I do it? I know I can use % under the host to allow ...

Are there ways to understand which password entered when connecting to my server ?

DESCRIPTION: SSPI handshake failed with error code 0x8009030c, state 14 while establishing a connection with integrated security; the connection has been closed. Reason: AcceptSecurityContext ...

MS is clear about restoring TDE backups: Certificate has to be restored on destination OR, in case of EKM, the asymmetric key " When moving a TDE protected database, you must also move the ...

I'm trying to create a SQL statement to create a login and user in SQL Server that will allow a web application to perform crud actions on a single database, and allowing full access to all tables and ...

For a system with sensitive information stored in a PostgreSQL 9.5 database, in which data stored in a table that is deleted must be securely deleted (like shred does to files), and where the system ...

We are using SQL Server 2016 and want to use the Force Encryption option. From what I read, is it just installing the certificate on the Server itself and then setting the ForceEncyption to "Yes"? ...

Given the following stored procedure, can I protect against SQL injection in the supplied additional WHERE condition? CREATE PROCEDURE [dbo].[ProtectDynamicWhereClause] (@TableName varchar(50), ...

I have a group of 5 developers that need to be able to view the plans of queries they have written for a database, and that database only. I refuse to make them a member of sysadmin. I do not want ...

I have secured a database within SQL Server Instance on my local machine using Netlib Encryptionizer. I can access the database by securing my SQL Server instance using the same password as encrypted ...

Need help in resolving the issue with backing up a DB using Ola Hallengren's stored procedure to a shared folder. I have a procedure that is executed at SQL Server startup. It runs Ola Hallengren's ...

Recently we have disabled a module which is dependent on xp_cmdshell. Though we are not directly using the xp_cmdshell (instead we are using the proxy), we would now like to disable the xp_cmdshell ...

I have a MySQL Community database on a remote server and I am trying to get Microsoft Access to read data from it. This data is sensitive. The problem is, MySQL doesn't care about the username that I ...

According to the MySQL documentation, you can harden a MySQL server by adding passwords, or removing the anonymous accounts. If you want to prevent clients from connecting as anonymous users ...

We want to keep track of changes being done to MySQL procedures only, actually recently our procedures seem to have overwritten to some previous versions and we were unable to track it that who did ...

I am a server securityAdmin. The securityAdmin role should be treated as equivalent to the sysadmin role, according to Microsoft, but I failed to do below 2 things make myself as sysAdmin grant ...

I installed MariaDB and ran mysql_secure_installation and answered yes to all questions to remove anonymous user, test DB, remote login, etc. However, I recently had MariaDB crash and in checking the ...

I have a couple of admin roles in a SQL Server 2012. To prevent myself from changing data in one database, I added my login as a member of denydatawriter role to that database. It seems does not ...

I have a SQL Server instance that runs 5 scheduled tasks each night, each of which run SSIS packages. These packages have been running for years and the associated steps run via a Proxy Account (...

What is the minimum permissions in PostgreSQL for SELECT/INSERT/UPDATE/DELETE and create a new table? Should the user be the owner of that database, too?

I'm writing some simple C# code through a website to take an excel file and update a table on a database. My system admin seems to not want to give me access to pretty much anything including the two ...

Someone disabled lot of SQL Server logins on one of our SQL Server 2014 boxes yesterday, causing a major outage for some of our applications. I need to find out who disabled those logins. Is there a ...

Related tags

Hot questions

Language

Popular Tags