Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Apress
committed
Oct 16, 2016
0 parents
commit 5b79579
Showing
22 changed files
with
1,625 additions
and
0 deletions.
There are no files selected for viewing
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,61 @@ | ||
--Detecting fragmentation | ||
CREATE DATABASE Sales | ||
GO | ||
CREATE TABLE Customers (customer_id INT PRIMARY KEY, | ||
customer_name CHAR(255) NOT NULL) | ||
GO | ||
INSERT INTO Customers VALUES(1,'user1') | ||
GO | ||
DECLARE @i INT | ||
WHILE (@i<1000) | ||
BEGIN | ||
INSERT INTO Customers(customer_id,customer_name) VALUES(@i,'UserXXXX') | ||
|
||
SET @i=@i+1 | ||
END | ||
GO | ||
|
||
|
||
DBCC SHOWCONTIG(‘Customers’) | ||
|
||
--Distribution Statistics | ||
CREATE TABLE LotsOfRandomNumbers | ||
(number_generated INT, | ||
seed INT, | ||
random_number FLOAT) | ||
GO | ||
|
||
--Create sample data | ||
DECLARE @i INT | ||
DECLARE @RNF FLOAT | ||
DECLARE @RNI INT | ||
SET @i=0 | ||
|
||
WHILE (@i <= 100000) | ||
BEGIN | ||
SET @RNF = RAND(@i) | ||
INSERT INTO LotsOfRandomNumbers VALUES((CAST(0x7FFFFFFF AS int) * @RNF),@i,@RNF ) | ||
SET @i=@i+1 | ||
END | ||
GO | ||
CREATE NONCLUSTERED INDEX NC_number_generated ON dbo.LotsOfRandomNumbers(number_generated) | ||
GO | ||
|
||
SELECT s.object_id, | ||
OBJECT_NAME(s.object_id) AS table_name, | ||
COL_NAME(s.object_id, sc.column_id) AS 'Column Name', | ||
s.Name AS 'Name of the statistics', | ||
s.auto_created as 'Is automatically created' | ||
FROM sys.stats AS s | ||
INNER JOIN sys.stats_columns AS sc | ||
ON s.stats_id = sc.stats_id AND s.object_id = sc.object_id | ||
WHERE s.object_id = OBJECT_ID( 'dbo.LotsOfRandomNumbers') | ||
GO | ||
|
||
SELECT seed FROM LotsOfRandomNumbers WHERE random_number < .5 | ||
GO | ||
UPDATE STATISTICS dbo.LotsOfRandomNumbers | ||
GO | ||
UPDATE STATISTICS dbo.LotsOfRandomNumbers WITH SAMPLE 25 PERCENT, ALL | ||
GO | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
pet_id,pet_name,pet_weight,MicroChipID | ||
14,George,60,BN8XA | ||
15,Betty,14,H73A1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,145 @@ | ||
USE [master] | ||
GO | ||
CREATE LOGIN [TestLogin] WITH PASSWORD=N'PaSsWoRd!' | ||
MUST_CHANGE, DEFAULT_DATABASE=[master], | ||
CHECK_EXPIRATION=ON, CHECK_POLICY=ON | ||
GO | ||
|
||
USE [master] | ||
GO | ||
EXEC sys.sp_addsrvrolemember @loginame = N'TestLogin', @rolename = N'sysadmin' | ||
GO | ||
|
||
USE master | ||
GO | ||
GRANT SHUTDOWN TO <login> | ||
GO | ||
|
||
SELECT Name,Protocol_desc from sys.endpoints | ||
|
||
CREATE LOGIN MyAppLogin WITH PASSWORD='PaSsWoRd1' | ||
GO | ||
DENY CONNECT on ENDPOINT::[TSQL Default TCP] to MyAppLogin | ||
GO | ||
DENY CONNECT on ENDPOINT::[TSQL Default VIA] to MyAppLogin | ||
GO | ||
DENY CONNECT on ENDPOINT::[TSQL Named Pipes] to MyAppLogin | ||
GO | ||
|
||
CREATE SERVER ROLE [DBA Role] | ||
|
||
GRANT CONTROL SERVER TO [DBA Role] | ||
GO | ||
DENY ALTER ANY SERVER AUDIT TO [DBA Role] | ||
GO | ||
DENY ALTER ANY LOGIN TO [DBA Role] | ||
GO | ||
DENY IMPERSONATE ON LOGIN::CorporateAuditor TO [DBA Role] | ||
GO | ||
ALTER SERVER ROLE [DBA Role] ADD MEMBER [Julie] | ||
|
||
USE master | ||
GO | ||
CREATE DATABASE Accounting | ||
GO | ||
CREATE LOGIN DevLogin WITH PASSWORD='asdif983*#@YRfjndsgfD' | ||
GO | ||
USE Accounting | ||
GO | ||
CREATE USER DevUser FOR LOGIN DevLogin | ||
GO | ||
GRANT CREATE TABLE TO DevUser | ||
GO | ||
|
||
USE Accounting | ||
GO | ||
CREATE TABLE Customers | ||
(id INT NOT NULL, | ||
firstname VARCHAR(20) NOT NULL, | ||
lastname VARCHAR(40) NOT NULL) | ||
GO | ||
|
||
GRANT ALTER ON SCHEMA::dbo TO DevUser | ||
|
||
CREATE SCHEMA People | ||
GO | ||
GRANT ALTER ON SCHEMA::People TO DevUser | ||
GO | ||
|
||
USE Accounting | ||
GO | ||
CREATE TABLE [People.Customers] | ||
(id INT NOT NULL, | ||
firstname VARCHAR(20) NOT NULL, | ||
lastname VARCHAR(40) NOT NULL) | ||
GO | ||
|
||
CREATE USER DevUser FOR LOGIN DevLogin | ||
WITH DEFAULT_SCHEMA = People | ||
|
||
ALTER AUTHORIZATION ON SCHEMA::People TO TestUser | ||
|
||
USE [Accounting] | ||
GO | ||
EXEC sp_addrolemember N'db_datareader', N'DevUser' | ||
GO | ||
GRANT SELECT ON Customers TO BusinessAnalysts | ||
|
||
REVOKE SELECT ON Customers TO BusinessAnalysts | ||
|
||
DENY SELECT ON Customers to Bob | ||
|
||
USE AdventureWorks | ||
GO | ||
CREATE ROLE Developers AUTHORIZATION DevManager | ||
GO | ||
|
||
sp_addrolemember 'Developers', 'Bryan' | ||
|
||
GRANT CREATE TABLE TO Developers | ||
|
||
SELECT * FROM fn_my_permissions(NULL, 'DATABASE'); | ||
|
||
SELECT HAS_PERMS_BY_NAME('Customers', 'OBJECT', 'SELECT') | ||
|
||
EXECUTE AS USER=’Bryan’ | ||
GO | ||
SELECT HAS_PERMS_BY_NAME('Customers', 'OBJECT', 'SELECT') | ||
GO | ||
|
||
USE master | ||
GO | ||
CREATE DATABASE Customers | ||
GO | ||
Sp_configure 'show advanced options', 1 | ||
RECONFIGURE | ||
GO | ||
Sp_configure 'contained database authentication', 1 | ||
RECONFIGURE WITH OVERRIDE | ||
GO | ||
|
||
ALTER DATABASE Customers SET CONTAINMENT=PARTIAL; | ||
|
||
USE Customers | ||
GO | ||
CREATE USER [SalesRep1] WITH PASSWORD='pass@word1'; | ||
GO | ||
|
||
CREATE USER [ROB-DENALI-1\Bob] | ||
|
||
-- | ||
--Open a Command Shell in the context of the Windows User Bob | ||
--You can do this without completely logging out of the desktop by using the RUNAS command | ||
--You will need to be an administrator or have impersonation rights on Bob for this to work | ||
-- | ||
--Click Start and type, RUNAS /USER:<usernanme> "CMD.EXE" | ||
--where <username> is Bob in this script or whatever the name of the local user you created. | ||
-- | ||
--Once the command window is open you can try to connect to the SQL instance directly using | ||
--SQLCMD -E -S. | ||
-- | ||
--and try to connect directly to the database | ||
--SQLCMD -E -S. -d "Customers" | ||
|
||
|
||
select * from sys.dm_db_uncontained_entities |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,184 @@ | ||
USE MASTER | ||
GO | ||
CREATE SERVER AUDIT [Compliance Audit] | ||
TO FILE | ||
( FILEPATH = N'c:\audit' | ||
) | ||
WITH | ||
( QUEUE_DELAY = 1000, | ||
ON_FAILURE = CONTINUE | ||
) | ||
GO | ||
|
||
USE master | ||
GO | ||
ALTER SERVER AUDIT [Compliance Audit] | ||
WHERE server_principal_id <> 268 | ||
GO | ||
|
||
SELECT * FROM sys.server_principals | ||
|
||
USE MASTER | ||
GO | ||
CREATE SERVER AUDIT SPECIFICATION [Logins] | ||
FOR SERVER AUDIT [Compliance Audit] | ||
ADD (FAILED_LOGIN_GROUP) | ||
GO | ||
ALTER SERVER AUDIT SPECIFICATION Logins WITH (STATE=ON) | ||
GO | ||
ALTER SERVER AUDIT [Compliance Audit] WITH (STATE=ON) | ||
GO | ||
|
||
select * from fn_get_audit_file('c:\audit\*.*',null,null) | ||
|
||
USE [Accounting] | ||
GO | ||
CREATE DATABASE AUDIT SPECIFICATION [Customer information] | ||
FOR SERVER AUDIT [Compliance Audit] | ||
ADD(SELECT ON Customers by public) | ||
GO | ||
|
||
USE master | ||
GO | ||
CREATE DATABASE Accounting | ||
GO | ||
USE Accounting | ||
GO | ||
CREATE TABLE Customers | ||
(id INT NOT NULL, | ||
firstname VARCHAR(20) NOT NULL, | ||
lastname VARCHAR(40) NOT NULL) | ||
GO | ||
ALTER DATABASE AUDIT SPECIFICATION [Customers Table] | ||
WITH (STATE=ON) | ||
GO | ||
CREATE PROCEDURE ViewCustomers | ||
AS | ||
BEGIN | ||
SELECT * FROM Accounting.dbo.Customers | ||
END | ||
CREATE SERVER AUDIT [UserDefinedAudits] | ||
TO FILE | ||
( FILEPATH = N'C:\audit' | ||
,MAXSIZE = 0 MB | ||
,MAX_ROLLOVER_FILES = 2147483647 | ||
,RESERVE_DISK_SPACE = OFF | ||
) | ||
WITH | ||
( QUEUE_DELAY = 1000 | ||
,ON_FAILURE = CONTINUE | ||
) | ||
GO | ||
ALTER SERVER AUDIT [UserDefinedAudits] | ||
WITH (STATE=ON) | ||
GO | ||
USE [master] | ||
GO | ||
CREATE SERVER AUDIT SPECIFICATION [CustomAudits] | ||
FOR SERVER AUDIT [UserDefinedAudits] | ||
ADD (USER_DEFINED_AUDIT_GROUP) | ||
WITH (STATE=ON) | ||
GO | ||
EXEC sp_audit_write @user_defined_event_id = 1000 , | ||
@succeeded = 1 | ||
, @user_defined_information = N'User Bob logged into application.' ; | ||
|
||
|
||
USE [master] | ||
GO | ||
CREATE LOGIN BankManagerLogin WITH PASSWORD='g4mqw9K@32!@' | ||
GO | ||
CREATE DATABASE ContosoBank | ||
GO | ||
USE [ContosoBank] | ||
GO | ||
CREATE USER BankManagerUser FOR LOGIN BankManagerLogin | ||
GO | ||
CREATE TABLE Customers | ||
(customer_id INT PRIMARY KEY, | ||
first_name varchar(50) NOT NULL, | ||
last_name varchar(50) NOT NULL, | ||
social_security_number varbinary(100) NOT NULL) | ||
GO | ||
GRANT SELECT, INSERT, UPDATE, DELETE ON Customers TO BankManagerUser | ||
GO | ||
CREATE SYMMETRIC KEY BankManager_User_Key | ||
AUTHORIZATION BankManagerUser | ||
WITH ALGORITHM=TRIPLE_DES | ||
ENCRYPTION BY PASSWORD='HighFeesRule!' | ||
GO | ||
EXECUTE AS USER='BankManagerUser' | ||
GO | ||
OPEN SYMMETRIC KEY [BankManager_User_Key] DECRYPTION BY PASSWORD='HighFeesRule!' | ||
GO | ||
INSERT INTO Customers VALUES (1,'Howard','Stern', | ||
EncryptByKey(Key_GUID('BankManager_User_Key'),'042-32-1324')) | ||
INSERT INTO Customers VALUES (2,'Donald','Trump', | ||
EncryptByKey(Key_GUID('BankManager_User_Key'),'035-13-6564')) | ||
INSERT INTO Customers VALUES (3,'Bill','Gates', | ||
EncryptByKey(Key_GUID('BankManager_User_Key'),'533-13-5784')) | ||
GO | ||
|
||
CLOSE ALL SYMMETRIC KEYS | ||
GO | ||
OPEN SYMMETRIC KEY [BankManager_User_Key] DECRYPTION BY PASSWORD='HighFeesRule!' | ||
GO | ||
|
||
SELECT customer_id,first_name + ' ' + last_name AS ‘Name’, | ||
CONVERT(VARCHAR,DecryptByKey(social_security_number)) as 'Social Security Number' | ||
FROM Customers | ||
GO | ||
|
||
CLOSE ALL SYMMETRIC KEYS | ||
GO | ||
REVERT | ||
GO | ||
USE [ContosoBank] | ||
GO | ||
CREATE MASTER KEY | ||
ENCRYPTION BY PASSWORD = 'Some!@Complex*@(39' | ||
GO | ||
CREATE CERTIFICATE BankManagersCert | ||
AUTHORIZATION BankManagerUser | ||
WITH SUBJECT=’Bank manager’’s certificate’ | ||
GO | ||
OPEN SYMMETRIC KEY [BankManager_User_Key] DECRYPTION BY PASSWORD='HighFeesRule!' | ||
GO | ||
ALTER SYMMETRIC KEY BankManager_User_Key | ||
ADD ENCRYPTION BY CERTIFICATE BankManagersCert | ||
GO | ||
ALTER SYMMETRIC KEY BankManager_User_Key | ||
DROP ENCRYPTION BY PASSWORD='HighFeesRule!' | ||
GO | ||
CLOSE ALL SYMMETRIC KEYS | ||
GO | ||
EXECUTE AS USER='BankManagerUser' | ||
GO | ||
USE [ContosoBank] | ||
GO | ||
OPEN SYMMETRIC KEY [BankManager_User_Key] DECRYPTION BY CERTIFICATE BankManagersCert | ||
GO | ||
SELECT customer_id,first_name + ' ' + last_name, | ||
CONVERT(VARCHAR,DecryptByKey(social_security_number)) as 'Social Security Number' | ||
FROM Customers | ||
GO | ||
CLOSE ALL SYMMETRIC KEYS | ||
GO | ||
USE master; | ||
GO | ||
--This database master key is created in master | ||
-- and is used to protect the certificate | ||
CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'EOhnDGS6!7JKv'; | ||
GO | ||
--This certificate is used to protect the database encryption key | ||
CREATE CERTIFICATE MyServerCert WITH SUBJECT = 'My DEK Certificate'; | ||
GO | ||
--You are now ready to create the Database Encryption Key | ||
USE ContosoBank | ||
GO | ||
CREATE DATABASE ENCRYPTION KEY | ||
WITH ALGORITHM = AES_128 | ||
ENCRYPTION BY SERVER CERTIFICATE MyServerCert | ||
GO | ||
ALTER DATABASE ContosoBank SET ENCRYPTION ON; | ||
GO |
Oops, something went wrong.