Before attending this course, students must:
- Have basic knowledge of security protocols and how they work. For
example, NTLM or Kerberos.
- Have basic knowledge of public key infrastructure (PKI) systems.
For example, how public and private keys work, strengths and
weaknesses, and what they are used for.
- Have working knowledge of network architectures and technologies.
For example, how a firewall works, how IPSec works in networking
context, common vulnerability points, etc.
- Have working knowledge of Active Directory directory service. For
example, security models, policies, group policy objects (GPOs),
and organizational units (OUs).
- Be able to design a database to third normal form (3NF) and know
the trade offs when backing out of the fully normalized design
(denormalization) and designing for performance and business
requirements in addition to being familiar with design models, such
as Star and Snowflake schemas.
- Have strong monitoring and troubleshooting skills.
- Have experience creating Microsoft Visio drawings or have
- Have strong knowledge of the operating system and platform. That
is, how the operating system integrates with the database, what the
platform or operating system can do, interaction between the
operating system and the database.
- Have basic knowledge of application architecture. That is,
different methods of implementing security in an application, how
applications can be designed in three layers, what applications can
do, the interaction between applications and the database, and
interactions between the database and the platform or operating
- Have knowledge about network security tools. For example, sniffer
and port scanning. Must understand how they should be used.
- Be able to use patch management systems.
- Have knowledge of common attack methods. For example, buffer
overflow, replay attacks, etc.
- Be familiar with SQL Server 2005 features, tools, and
- Have a Microsoft Certified Technology Specialist: Microsoft SQL
Server 2005 credential or equivalent experience.
- In addition, it is recommended, but not required, that students
- Course 2779, Implementing a Microsoft SQL Server 2005
- Course 2780, Maintaining a Microsoft SQL Server 2005
This two-day instructor-led course enables database
administrators who work with enterprise environments to design
security for database systems using Microsoft® SQL ServerT 2005.
The course emphasizes that students should think about the whole
environment, which includes business needs, regulatory requirements
and network systems, and database considerations during design.
Students will also learn how to monitor security and respond to
This course is intended for current professional database
administrators who have three or more years of on-the-job
experience administering SQL Server database solutions in an
Elements of this syllabus are subject to change.
This course includes the following modules:
Introduction to Designing SQL Server
- Principles of Database Security
- Methodology for Designing a SQL Server Security Policy
- Monitoring SQL Server Security
Designing a SQL Server Systems Infrastructure Security
- Integrating with Enterprise Authentication Systems
- Developing Windows Server-level Security Policies
- Developing a Secure Communication Policy
- Defining SQL Server Security Monitoring Standards
Designing Security Policies for Instances and
- Designing an Instance-level Security Policy
- Designing a Database-level Security Policy
- Designing an Object-level Security Policy
- Defining Security Monitoring Standards for Instances and
Integrating Data Encryption into a Database Security
- Securing Data by Using Encryption and Certificates
- Designing Data Encryption Policies
- Determining a Key Storage Method
Designing a Security Exceptions Policy
- Analyzing Business and Regulatory Requirements
- Determining the Exceptions and their Impact
Designing a Response Strategy for Threats and
- Designing a Response Policy for Virus and Worm Attacks
- Designing a Response Policy for Denial-of-Service Attacks
- Designing a Response Policy for Internal and SQL Injection