security's questions - English 1answer

822 security questions.

I have the following query to get me a list of sysadmins in the current server: select 'ServerRole' = SUSER_NAME(rm.role_principal_id), 'MemberName' = lgn.name , 'Status'= Case when ...

I run a non-profit dedicated to sharing data kind of like Wikipedia. We recently had a client that wanted a replica of our database, and we realized that by using PostgreSQL's new logical ...

I'm looking to improve the security of my MariaDB installation by better auditing the user accounts and the privileges of each user account. This database is being provided as a service out to many ...

I'm working with a DBA to add some additional security to SQL connections and we're using SQL server 2008 R2 and it seem like way to do it is to turn the ForceEncryption box to yes. I understand that ...

I am looking to generate a cryptographically secure string for password reset in MySQL. I know I could do this at the application level in PHP; but that requires the OpenSSL extension which many of my ...

We have a single SQL Server database for all tenants of a web-application. How can we ensure when a support engineer queries the DB directly via SSMS, they only touch data belonging to one tenant? ...

In our database (DB for brevity) we store some very sensitive government data, and would like to secure the data as much as possible. There are two way to think about security here: defense from ...

I am trying to assign a SQL Server database role to a user who just needs to be able to see data across all tables. I was wondering what is the difference between db_datareader and db_denydatawriter? ...

I am looking for a way to check the encryption and integrity protection level in effect for the current session. Is there a system view where I can get those details? It would also be good if the ...

In my production, There is a table named ABC under X schema. I have granted SELECT privilege on ABC table to another user named Z. When I execute the query SELECT COUNT(*) FROM X.ABC; as user Z it ...

I dont understand why my user can create data base. The user "toto" with role "readwrite" on DB1 can create a DataBase (db2). And with the same account "toto" I can create a user and affect this user ...

When I execute this SQL: USE ASPState GO IF NOT EXISTS(SELECT * FROM sys.sysusers WHERE NAME = 'R2Server\AAOUser') CREATE USER [R2Server\AAOUser] FOR LOGIN [R2Server\AAOUser]; GO I get the following ...

I have a server which runs third party software (called Visualcut) to email Crystal Reports to our users. When I log onto the Visualcut Server, I can open the software and then preview a report. This ...

It looks like for single user I should create a login role and than respective group roles because I can't directly assign privileges on login role. Is it true? What's the purpose of such separation? ...

I will need to allow report writers on the Subscription database to be able to view the table, create alter and delete stored procedure and views. Since it is a transactional replication they cannot ...

Historically, it has been recommended not to use the default ports for connections to SQL Server, as part of security best practice. On a server with a single, default instance, the following ports ...

What permissions should I use for Active Directory groups to be able to deploy and then run/schedule their own jobs only? For example, I have 3 folders in the Integration Services catalog. Dept_A, ...

We have evaluated the Microsoft "best practice" policies (located at C:\Program Files (x86)\Microsoft SQL Server\number\Tools\Policies\DatabaseEngine\1033) on each of our SQL Server instances (example ...

I have a new server that is configured using a dynamic port as you can see below: The application that connects to this server uses the following connection string, but I am getting the following ...

I'm using BCrypt to hash my passwords on the server side. Before I store it in my MySQL database, would it be overkill to encrypt my hashed-BCrypt password or would storing the hash directly in the ...

Besides passwords, credit/debit card info, social security info, passport info, what other types of data fields should be hashed to give it an additional layer of protection within any database? ...

I have the environment that I explain below and I need to encrypt the data that is sent between my two nodes, I have been reading but I can not find the right solution, I explain: I have an Oracle ...

We have several MySQL 5.0 databases. We've been having security problems, like records being modified without authorization. We need to implement some kind of audit on DML operations identifying ...

I have a hostname and a port. How do I inspect the public X.509 certificate used to protect the endpoint. It is possible to talk to the SQL server both encrypted and non-encrypted; however I have ...

I have this script that set a bunch of databases to the same db owner, and set cross database ownership on at database level select database_name=name, db_owner_name=suser_sname(owner_sid), ...

Can we configure Certificate-based Authentication to connect(logon) sql client? or any other method to connect sql client using mutual authentication(sql server and sql client)?

When using sp_send_dbmail to send an email on SQL Server, how do you specify that the email be sent in an encrypted format? I found a thread discussing including the string "[SECURE]" in the subject ...

Using the script below I find out where are the data and log folders: declare @rc int, @dir nvarchar(4000) declare @data nvarchar(4000) declare @log nvarchar(4000) ...

I want to store the master key in a centralize key vault and have IIS access the key from there. I know I can use Azure Key Vault or local Windows key store, but I was looking for another option to ...

I have been trying to login using one of my sql server logins but I am getting the error message below: General Error Message Copy Message Text TITLE: Connect to Server -----------------------------...

I'm using SQL Server 2016 for these tests. The following did not allow me to create a table in schema S for user U USE [D]; GRANT CONTROL ON SCHEMA :: [S] TO [U]; But this did: USE [D] GRANT ALTER ...

I would like to know if it is possible given a certain backup made with RMAN in Oracle 12c is encrypted without having to restore said backup, is there any or some queries that verify if an RMAN ...

I am developing a REST AOI backed by PostgreSQL. Users of the API must pass a session token in the Authorization header. For example: Authorization: Bearer fcda6eca-71c4-456c-a4df-4e398b11fa00 This ...

I've been reading up on application roles in Microsoft SQL server. It seems an application role is like any other role in that permissions on securables can be granted to an application role, however, ...

PostgresSQL 10.4 is our backend database for a consumer-facing app with millions of users. When implementing row-level security so each user can only access their own data, is it best practice to use ...

If we configured IP restriction to allow only internal network, then why we need threat detection? IP restriction already blocks connections from other resources. Moreover, advanced threat detection ...

There are some rows in the result of sp_who2 which their Login column value is null (see image below) while the login_name column of sys.dm_exec_sessions is not blank and this sometimes happens ...

We are using SQL Server 2016 and want to use the Force Encryption option. From what I read, is it just installing the certificate on the Server itself and then setting the ForceEncyption to "Yes"? ...

i was looking for a way to make MySQL Enterprise Edition to send SNMP trap with audit log information. I've enabled the audit_log module and I've added some rules (for example i've decided to log ...

We are in the process of selectively encrypting connections to our SQL server using TLS1.2. We have few applications which are not configured for encryption yet (and are in the process)and hence will ...

If view 1 uses tables A and B, and a user has SELECT granted on view 1 is that sufficient for the user to select from view 1 or does he also need SELECT granted on tables A and B. Specific details on ...

There is a specific need to clean up logins from the SQL Servers after migration from one domain say abc to new domain foo. After migration as we still have those old logins and users under naming of ...

What is the SQL Server method of safe-quoting identifiers for dynamic sql generation. MySQL has quote_identifier PostgreSQL has quote_ident How do I ensure given a dynamically generated column name ...

I am considering moving most of my Databases to Azure SQL server Database, but I am concerned that Microsoft will be able to snoop and look at the data inside the database, which is absolutely not ...

We're using Visual Studio 15.7.2 and using SSIS on SQL 2017 (14.0.3029.16). We built a connection manager to a 3rd-party, vendor managed SQL Server 2008 R2 (10.50.6529.0). Our only allowed ...

is there a way to secure a mysql-server so no one can reset a password via --init-file-startup? there should only be a: "root" user (password not known to anyone else than person a) "system" user (...

I am working on some data access restriction feature in Oracle 11g and have been struggling since then. What I want to achieve is, that I want to allow a specific group only to access a particular ...

I've got a table structure where A has records with an owner ID, B links to A, and C links to B. I want to restrict access to rows in C by the ownerId, which is set as a setting on the session in the ...

For a system with sensitive information stored in a PostgreSQL 9.5 database, in which data stored in a table that is deleted must be securely deleted (like shred does to files), and where the system ...

Till today i am using the linked server with the user of sql having same username and password in both the servers. For now on i can not keep the 2 servers password same for some reason and i still ...

Related tags

Hot questions

Language

Popular Tags