Securing SQL Server, 3rd Edition

Protecting Your Database from Attackers

Securing SQL Server, 3rd Edition,Denny Cherry,ISBN9780128012758






235 X 191

Secure your SQL Server database so the outside world can't access your internal data.

Print Book + eBook

USD 59.94
USD 99.90

Buy both together and save 40%

Print Book


In Stock

Estimated Delivery Time
USD 49.95

eBook Overview

VST (VitalSource Bookshelf) format

DRM-free included formats : EPUB, Mobi (for Kindle), PDF

USD 49.95
Add to Cart

Key Features

  • Presents hands-on techniques for protecting your SQL Server database from intrusion and attack
  • Provides the most in-depth coverage of all aspects of SQL Server database security, including a wealth of new material on Microsoft SQL Server 2014.
  • Explains how to set up your database securely, how to determine when someone tries to break in, what the intruder has accessed or damaged, and how to respond and mitigate damage if an intrusion occurs.


SQL server is the most widely-used database platform in the world, and a large percentage of these databases are not properly secured, exposing sensitive customer and business data to attack.

In Securing SQL Server, Third Edition, you will learn about the potential attack vectors that can be used to break into SQL server databases as well as how to protect databases from these attacks. In this book, Denny Cherry - a Microsoft SQL MVP and one of the biggest names in SQL server - will teach you how to properly secure an SQL server database from internal and external threats using best practices as well as specific tricks that the author employs in his role as a consultant for some of the largest SQL server deployments in the world.

Fully updated to cover the latest technology in SQL Server 2014, this new edition walks you through how to secure new features of the 2014 release. New topics in the book include vLANs, setting up RRAS, anti-virus installs, key management, moving from plaintext to encrypted values in an existing application, securing Analysis Services Objects, Managed Service Accounts, OS rights needed by the DBA, SQL Agent Security, Table Permissions, Views, Stored Procedures, Functions, Service Broker Objects, and much more.


information security professionals; administrators of databses, systems, and networks; application developers; IT and security managers; security auditors; security engineers; compliance specialists.

Denny Cherry

Denny Cherry (MCSA, MCDBA, MCTS, MCITP, MCM) has been working with Microsoft technology for over 15 years starting with Windows 3.51 and SQL Server 6.5. In 2009, Denny was named as a Microsoft MVP for the Microsoft SQL Server product, and in 2011 Denny earned the Microsoft Certified Master certification for SQL Server 2008. Denny has written dozens of articles for a variety of websites as well as print magazines on a variety of subjects including SQL Server, Clustering, Storage Configuration, and SharePoint.

Affiliations and Expertise

(MCSA, MCDBA, MCTS, MCITP, MCM) has been working with Microsoft technology for over 15 years starting with Windows 3.51 and SQL Server 6.5.

View additional works by Denny Cherry

Securing SQL Server, 3rd Edition

  • Dedication
  • Author Biography
  • Technical Editor Biography
  • Acknowledgments
  • Introduction
  • Chapter 1: Identifying Security Requirements
    • Abstract
    • What are Security Objectives?
    • When Should Security Objectives been Identified?
    • How to Identify Security Objectives?
  • Chapter 2: Securing the Network
    • Abstract
    • Securing the Network
    • Public IP Addresses versus Private IP Addresses
    • vLANs
    • Accessing SQL Server from Home
    • Physical Security
    • Social Engineering
    • Finding the Instances
    • Testing the Network Security
    • Antivirus Installation on SQL Servers
    • Summary
  • Chapter 3: Key Management
    • Abstract
    • Service Master Key
    • Database Master Key
    • Encryption Password Management
    • Enterprise Key Management
    • High Availability and Disaster Recovery for Key Management
    • Conclusions
  • Chapter 4: Database Encryption
    • Abstract
    • Database Encryption
    • Encrypting Data within Tables
    • Encrypting Data at Rest
    • Encrypting Data on the Wire
    • Encrypting Data with MPIO Drivers
    • Encrypting Data via HBAs
    • Summary
  • Chapter 5: SQL Password Security
    • Abstract
    • Login Types
    • SQL Server Password Security
    • Strong Passwords
    • Password Change Policies
    • Renaming the SA Account
    • Disabling the SA Account
    • Users versus Logins
    • Contained Database Users in SQL Server 2012 and Beyond
    • Schemas
    • Encrypting Client Connection Strings
    • Application Roles
    • Using Windows Domain Policies to Enforce Password Length
    • Contained Users
    • Summary
  • Chapter 6: Securing the Instance
    • Abstract
    • What to Install, and When?
    • SQL Authentication and Windows Authentication
    • Password Change Policies
    • Auditing Failed Logins
    • Renaming the SA Account
    • Disabling the SA Account
    • Securing Endpoints
    • Stored Procedures as a Security Measure
    • Minimum Permissions Possible
    • Instant File Initialization
    • Linked Servers
    • Using Policies to Secure Your Instance
    • SQL Azure Specific Settings
    • Instances that Leave the Office
    • Securing AlwaysOn Availability Groups
    • Securing Contained Databases
    • SQL CLR
    • Extended Stored Procedures
    • Protecting Your Connection Strings
    • Database Firewalls
    • Clear Virtual Memory Pagefile
    • User Access Control (UAC)
    • Other Domain Policies to Adjust
    • Summary
  • Chapter 7: Analysis Services
    • Abstract
    • Logging into Analysis Services
    • Securing Analysis Services Objects
    • Summary
  • Chapter 8: Reporting Services
    • Abstract
    • Setting up SSRS
    • Security within Reporting Services
    • Reporting Services Authentication Options
    • Report Server Object Rights
    • Summary
  • Chapter 9: SQL Injection Attacks
    • Abstract
    • What is an SQL Injection Attack?
    • Why are SQL Injection Attacks so Successful?
    • How to Figure out you have been Attacked
    • How to Protect Yourself from an SQL Injection Attack
    • Cleaning up the Database after a SQL Injection Attack
    • Other Front end Security Issues
    • Using xEvents to Monitor for SQL Injection
    • Summary
  • Chapter 10: Database Backup Security
    • Abstract
    • Overwriting Backups
    • Media set and Backup set Passwords
    • Backup Encryption
    • Transparent Data Encryption
    • Compression and Encryption
    • Offsite Backups
    • Summary
  • Chapter 11: Storage Area Network Security
    • Abstract
    • Securing the Array
    • Securing the Storage Switches
    • Summary
  • Chapter 12: Auditing for Security
    • Abstract
    • Login Auditing
    • Data Modification Auditing
    • Data Querying Auditing
    • Schema Change Auditing
    • Using Policy-based Management to Ensure Policy Compliance
    • C2 Auditing
    • Common Criteria Compliance
    • Summary
  • Chapter 13: Server Rights
    • Abstract
    • SQL Server Service Account Configuration
    • OS Rights Needed by the SQL Server Service
    • OS Rights Needed by the DBA
    • OS Rights Needed to Install Service Packs
    • OS Rights Needed to Access SSIS Remotely
    • Console Apps Must Die
    • Fixed Server Roles
    • User Defined Server Roles
    • Fixed Database Roles
    • User-defined Database Roles
    • Default Sysadmin Rights
    • Vendor’s and the Sysadmin Fixed Server Role
    • Summary
  • Chapter 14: SQL Server Agent Security
    • Abstract
    • Proxies
    • SQL Agent Job Steps
    • Granting Rights to Proxies
    • Job Ownership
    • Summary
  • Chapter 15: Securing Data
    • Abstract
    • GRANTing Rights
    • DENYing Rights
    • REVOKEing Rights
    • Table and view Permissions
    • Stored Procedure Permissions
    • Signing Stored Procedures, Functions and Triggers
    • Function Permissions
    • Service Broker Objects
    • Separation of Duties
    • Summary
  • Appendix A: External Audit Checklists
  • Subject Index

Quotes and reviews

"This book is recommended to both students and database administrators and staff. After reading it, users will better understand the security risks of database systems and the roles of security policies and security methods...a benchmark in terms of practice for securing databases." --Computing Reviews

"Denny Cherry is what would happen if Bill Gates and AC/DC got together to create a sibling. He's a bare-knuckles, no-holds-barred technologist, and you can bet that if he tells you that something works or doesn't work, he's speaking from experience. Active in the community, his passion is sharing. You'll enjoy this book." --Bucky Wood, Senior Technology Specialist, Microsoft

Free Shipping
Shop with Confidence

Free Shipping around the world
▪ Broad range of products
▪ 30 days return policy

Contact Us