SQL Server Security Interview Questions


During the interview I always like to ask below security questions to DBA. I found that sometimes DBAs are not able to answer these questions.

Question 1: What will you do if you lost rights of your SQL Server instance?

We can use the below options

   1. Dedicated Administrator Connection
   2. BUILINAdministrator Group (Incase its rights are not revoked)
   3. Final Option is to change the registry value
   4. You can change authentication mode via registry

Question 2: – What is SQL Injection?

SQL Injection is developed where unhandledunexpected SQL commands are passed to SQL Server in a malicious manner.  It is a problem because unknowingly data can be stolen, deleted, updated, inserted or corrupted.

Question 3: – What is the Guest user account in SQL Server?  What login is it mapped to it?  

The Guest user account is created by default in all databases and is used when explicit permissions are not granted to access an object.  It is not mapped directly to any login, but can be used by any login.  Depending on your security needs, it may make sense to drop the Guest user account, in all databases except Master and TempDB

Question 4: – What is the use of BUILTINAdministrators Group in SQL Server?

Any Windows login in BUILTINAdministrators group is by default a SQL Server system administrator. This single group can be used to manage administrators from a Windows and SQL Server perspective

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: