Category Archives: Security
Posted by Mahesh Gupta on December 29, 2011
What is SQL Injection? The ability to inject SQL commands into the database engine through an existing application is termed as SQL Injection Attack. SQL injection is a type of security exploit in which the attacker adds SQL statements through a web application’s input fields or hidden parameters to gain access to resources or make [...]
Posted by Mahesh Gupta on August 9, 2011
I have not created this job named "syspolicy_purge_history", who created / own this job ? This job is created automatically when on SQL Server 2008 Policy Management is enabled. Policy Management is a new feature introduced on SQL Server 2008 onwards. What tables are being used to store Policy Management evaluation results? Once the Policy [...]
Posted by Mahesh Gupta on July 12, 2011
During the Audit, this is common question, which is being asked by Auditor. During this season, Auditor was very tuff and he identified a suspected login and he wanted to know What are the permissions are being assigned to a that login ? What all this user can do to at individual database object level [...]
Posted by Mahesh Gupta on May 10, 2011
What is SQL Injection? The ability to inject SQL commands into the database engine through an existing application is termed as SQL Injection Attack. SQL injection is a type of security exploit in which the attacker adds SQL statements through a web application’s input fields or hidden parameters to gain access to resources or make [...]
Posted by Mahesh Gupta on December 2, 2010
Can we create user defined Server Roles in SQL Server ? YES, we can create SQL Server Roles in SQL Server (2011) Denali onwards. Starting from SQL Server Denali you can create user-defined server roles and add server-level permissions to the user-defined server roles. We can not create user defined roles in any prior release [...]
Posted by Mahesh Gupta on December 1, 2010
SQL Server Permission : ADMINISTER BULK OPERATIONS Allows or Denies the ability to execute BULK INSERT commands. However, INSERT permissions must exist for the login with respect to the table being loaded. In addition, ALTER TABLE permissions may also be required. The bulkadmin fixed server role is granted this permission implicitly. Related Article : How [...]
Posted by Mahesh Gupta on December 1, 2010
Following are the New Permissions added in SQL Server Denali. Alter any availability group Alter any Server Role Create availability Group Create Server Role Alter any availability group : User assigned with permission will be alter/modify to create availability groups for high availability. Alter any Server Role : User assigned with permission will be able [...]
