TRAINING CONTENTS
Module 1: Introduction to Designing SQL Server Security
· Principles of Database Security
· Methodology for Designing a SQL Server Security Policy
· Monitoring SQL Server Security
Module 2: Designing a SQL Server Systems Infrastructure Security Policy
· Integrating with Enterprise Authentication Systems
· Developing Windows Server-Level Security Policies
· Developing a Secure Communication Policy
· Defining SQL Server Security Monitoring Standards
Lab : Designing a SQL Server Systems Infrastructure Security Policy
· Developing Microsoft Windows Server-Level Security Policies
· Developing a Secure Communication Policy
· Integrating SQL Server Security Within the Active Directory Environment
· Integrating SQL Server Security With Firewall Configurations
· Discussing Systems Infrastructure Security Integration
Lab : Creating an Infrastructure Security Inventory
· Auditing the SQL Server Logins
· Auditing the Windows Local Password Policy
· Auditing SQL Server Service Accounts
· Monitoring Security at the Enterprise and Server Levels
Module 3: Designing Security Policies for Instances and Databases
· Designing an Instance-Level Security Policy
· Designing a Database-Level Security Policy
· Designing an Object-Level Security Policy
· Defining Security Monitoring Standards for Instances and Databases
Lab : Designing Security Policies for Instances and Databases
· Designing an Instance-Level Security Policy
· Designing a Database-Level Security Policy
· Designing an Object-Level Security Policy
· Discussing Database Security Exceptions
Lab : Validating Security Policies for Instances and Databases
· Auditing Existing Server Logins
· Auditing SQL Server Roles Membership
· Analyzing Existing Object Permissions
· Monitoring Security at the Instance and Database Level
Module 4: Integrating Data Encryption into a Database Security Design
· Securing Data by Using Encryption and Certificates
· Designing Data Encryption Policies
· Determining a Key Storage Method
Lab : Integrating Data Encryption into a Database Security Design
· Selecting a Data Security Method
· Designing a Data Encryption Security Policy
Module 5: Designing a Security Exceptions Policy
· Analyzing Business and Regulatory Requirements
· Determining the Exceptions and their Impact
Lab : Designing a Security Exceptions Policy
· Identifying Variations from the Security Policy
· Obtaining Approval of the Security Policy
· Discussing the Results of Policy Approval Presentations
Module 6: Designing a Response Strategy for Threats and Attacks
· Designing a Response Policy for Virus and Worm Attacks
· Designing a Response Policy for Denial-of-Service Attacks
· Designing a Response Policy for Internal and SQL Injection Attacks
Lab : Designing a Response Strategy for Threats and Attacks
· Designing a Response Policy for Virus and Worm Attacks
· Designing a Response Policy for Denial-of-Service Attacks
· Designing a Response Policy for Internal Attacks
· Validating a Security Policy