SQL Server 7.0: Audit & Security

About this class

Walking around any end user or technical department, auditors always find developments under way using the Microsoft SQL Server 7 environment. But while we continue to audit central IT systems, this platform infrequently appears as a target of evaluation in audit plans. Even though continuity of service to the organisation within departments could well depend on this product. Here is an opportunity to find out how SQL Server 7 works, what are its security weaknesses and how they should be mitigated. This is a highly functional environment where communication across a Microsoft network is very easy to achieve. Too easy perhaps? As with all highly functional products the downside is insecurity. Learn hands-on what this means.

You will learn what the components of Microsoft SQL Server 7 are and understand what the system administrators should be doing. Find out how to get information out of SQL Server and how to interpret it. Experiment with a live SQL Server 7 network in a lab environment. Learn how to write auditors' job packs in T-SQL, for regularly extracting information.

Who will the lesson benefit?

Delegates should posses a basic understanding of database technology. Some prior knowledge of SQL will be useful.

Contents of this class

• Architecture
• Database structure
• Data storage
• Backup and recovery
• Exchanging information between servers
• Data transformation services
• Linked servers
• Login and user security
• Application security
• Audit trail using triggers
• Automation features
• Web publication of SQL Server data
• Replication
• SQL Server 7 security and the underlying operating system
• Review of exploits and other abuses