Designing a database security plan

These questions are based on: 70-229 – Designing and Implementing Databases with Microsoft SQL Server 2000 Enterprise Edition Microsoft Self-Test Software Practice Test.


Objective: Designing a database security plan
SubObjective: Define object-level security including column-level permissions by using GRANT, REVOKE and DENY


Item No. 70-229.6.2.4
Single Answer, Multiple Choice


You are the database developer for your company’s Inventory database. The database contains a table named Products. George is a member of the Windows 2000 Sales group.


The Sales group is a member of the Sales database role, which has been granted SELECT permissions to all columns in the Products table. George’s database user account has been denied SELECT permissions on the InStock and Discount columns of the Products table. George now requires access to all the data in the Products table. Your solution must follow recommended security practices.


What should you do?



  1. Add George to the db_datareader database role.
  2. Add George to the db_accessadmin database role.
  3. Grant SELECT permission on the InStock and Discount columns of the Products table for George’s database user account.
  4. Revoke SELECT permission on the InStock and Discount columns of the Products table for George’s database user account.

Answer:



  1. Revoke SELECT permission on the InStock and Discount columns of the Products table for George’s database user account.

Tutorial:
You should revoke SELECT permission on the InStock and Discount columns of the Products table for George’s database user…


cmadmin

ABOUT THE AUTHOR

Posted in Uncategorized|

Comment:

Powered by WebDesk