202 True/False questions

1. Object permissions are permissions that allow a user to act on ___ , such as tables, stored procedures, and views. → database objects

   True        False

2. Ownership chains apply to ___ → The right to modify existing data. Update rights for which a WHERE clause is
   used require select rights as well. Update permission can be set on specific columns.

   True        False

3. The sysadmin role is a powerful one, and you must be sure not to grant it to the ___ user login. → assigned

   True        False

4. Fixed server role: Serveradmin ??? → Can perform bulk insert operations.

   True        False

5. Within SQL Server, users are assigned to roles, which may in turn ___ permission to objects... each object has an owner, and ownership also affects permissions. → grant

   True        False

6. Access, roles, and permissions can be assigned to the Windows user group, and they will apply to ___ → GRANT, REVOKE, and DENY.

   True        False

7. Fixed server role: Securityadmin ??? → Can manage the logins for the server.

   True        False

8. To remove a Windows user or group from SQL Server, you can also use the ___ → server environment.

   True        False

9. Within SQL Server, users are assigned to ___, which may in turn grant permission to objects... each object has an owner, and ownership also affects permissions. → Securables page

   True        False

10. An ___ is a database-specific role intended to allow an application to gain access regardless of the user. → application role

    True        False

11. Instead of granting the permission to a user from the properties of the object, you can also grant permissions to an object from the ___ → properties of the user.

    True        False

12. SQL Server includes ___ . Primarily, these roles grant permission to perform certain server-related administrative tasks. → • Simple Recovery
    • Full Recovery
    • Bulk-Logged

    True        False

13. Incremental backups are smaller and faster than ___ → the last full backup.

    True        False

14. fixed database role: «db_denydatawriter» ??? → Blocks a user from modifying data in any table in the database. This overrides any object-level grant.

    True        False

15. Partial restore ??? → Contains all the data in a specific database or set of filegroups or files to allow recovering that data.

    True        False

16. Backups that SQL Server supports: ??? → Full, differential, and incremental backups.

    True        False

17. A ___ is a logical representation of a person within an electronic system. → last backup of the data.

    True        False

18. Recovery only ??? → Recovers data that is already consistent with the database and needs only to be made available.

    True        False

19. Differential file backups ??? → A backup of one or more files that contain data extents that were changed since the most recent full backup of each file.

    True        False

20. Bulk-Logged ??? → Allows good performance while using the least log space.

    True        False

21. Because SQL Authentication is less secure than Windows logins, avoiding mixed mode is ___ ; however, it is available for backward compatibility. → recommended

    True        False

22. Object permission: Insert ??? → The right to delete existing data.

    True        False

23. Object permission: Update ??? → The right to delete existing data.

    True        False

24. You can manage database access from either the ___ or the database side. → login side

    True        False

25. ___ interacts with the server and database roles. → Granting object permission

    True        False

26. Guest users must be removed from a database when they are no longer welcome, as they are a ___ → risk for a security breach.

    True        False

27. The ___ is used to assign or check object permissions. → SSMS »» database »» open the object to manage (tables, views, stored procedure, functions) »» Properties »» Click the Permissions page »» add user/role »» Select the appropriate Grant to Deny permission.

    True        False

28. Three different types of accounts are available for the SQL Server service account: ___ → Local user account, Local system account, Domain user account.

    True        False

29. If you add a user to the sysadmin role group, that user must reconnect to the SQL Server instance in order for the full capabilities of ___ → full access to every server function, database, and object

    True        False

30. An incremental backup is based on the ___ → full backups and differential backups.

    True        False

31. Differential partial backup ??? → A backup of one or more files that contain data extents that were changed since the most recent full backup of each file.

    True        False

32. To remove Lauren's database access, the system-stored procedure DROP USER requires her database username, not her ___ → the guest user account has been created.

    True        False

33. An application role is a database-specific role intended to allow an ___ → fixed server role.

    True        False

34. Local users can be managed by selecting ___ → Control Panel > Administrative Tools > Computer Management.

    True        False

35. The disadvantages of Full Recovery mode is that the logs ___ → can grow a lot.

    True        False

36. Because SQL Authentication is less secure than Windows logins, avoiding mixed mode is recommended; however, it is available for ___ → recommended

    True        False

37. To add a user to a «database role», follow these steps: → DROP ROLE Manager

    True        False

38. Any user who wishes to access a database but who has not been declared a user within the database is ___ → modified as desired after installation.

    True        False

39. fixed database role: «db_datawriter» ??? → Allows a user to write to all data in the database. This role is the equivalent of a grant on all objects, and it can be overridden by a deny permission.

    True        False

40. Fixed server role: Dbcreator ??? → Can create, alter, drop, and restore databases.

    True        False

41. Transact-SQL command to drop user: ___ → DROP USER userTeste

    True        False

42. Piecemeal restore ??? → Restore specific files or filegroups to a database.

    True        False

43. The following code grants select permission to Joe for the Emails table: → GRANT Select ON Emails TO Joe

    True        False

44. Object permissions are assigned with the SQL DCL commands GRANT, ___ → GRANT, REVOKE, and DENY.

    True        False

45. Creates the «database role» AUDITORS, which is owned by the «db_securityadmin» «fixed database role»: → CREATE ROLE auditors AUTHORIZATION db_securityadmin;

    True        False

46. A user may have multiple permission ___ to an object (e.g., individually, through a standard database role, and through the public role). If any of these ___ are denied, then the user is blocked from accessing the object. → paths

    True        False

47. In the security model for a SQL Server, there are three different methods by which a user can be initially identified: ___ → Latest full backup of the data

    True        False

48. ___ always has a higher priority than the Grant permission. → Deny permission

    True        False

49. A user may have multiple permission paths to an object (e.g., individually, through a standard database role, and through the public role). If any of these paths are denied, then the user is blocked from ___ → paths

    True        False

50. Instead of granting the permission to a user from the ___ , you can also grant permissions to an object from the properties of the user. → properties of the object

    True        False

51. Regardless of an organization's size, the end result of its ___ should be to ensure that users' assigned rights and responsibilities are enforced through a security plan. → backward compatibility.

    True        False

52. Differential backup only backs up data since ___ → establishing or confirming a user or system identity.

    True        False

53. You cannot modify ___ to a fixed server role. → the permissions assigned

    True        False

54. Within SQL Server, users are assigned to roles, which may in turn grant ___ ... each object has an owner, and ownership also affects permissions. → EXEC sp_addrolemember Manager, Joe

    True        False

55. fixed database role: «db_ddladmin» ??? → Authorizes a user to issue DDL commands (create, alter, drop).

    True        False

56. The ___ is a special role that has all permissions in the database. → db_owner

    True        False

57. A particularly powerful permissions organization technique is to design a ___ of standard database roles. → fixed server role.

    True        False

58. You cannot modify the permissions assigned to a ___ → granting, revoking, or denying user login permissions.

    True        False

59. Page restore ??? → A backup of all the full data in the primary filegroup, every read/write filegroup, and any optionally specified read-only files or filegroups. A partial backup of a read-only database contains only the primary filegroup.

    True        False

60. File restore ??? → Restore part of a database.

    True        False

61. File backups should be used only where they clearly add value to your ___ → restore plan.

    True        False

62. Transaction log restore ??? → Restore part of a database.

    True        False

63. Because SQL Server is an environment within the Windows Server system, one of your primary security concerns should be ensuring that the Windows Server itself is ___ → secure.

    True        False

64. Fixed server role: Diskadmin ??? → Can configure the server-wide settings, including setting up full-text searches and shutting down the server.

    True        False

65. Full backup: ___ → Restores a file or filegroup in a multi-filegroup database. After a full file restore, a differential file backup can be restored.

    True        False

66. Using Windows Authentication means that users must have a ___ in order to be recognized by SQL Server → access the object.

    True        False

67. fixed database role: «db_denydatareader» ??? → Authorizes a user to read all data in the database. This role is the equivalent of a grant on all objects, and it can be overridden by a deny permission.

    True        False

68. To restore the AdventureWorks database using the C:\AdventureWorks.BAK backup, you would execute the following command: ___ → database snapshot.

    True        False

69. Restore scenarios possible in SQL Server include the following: ___ → Complete database restore, File restore, Page restore, Piecemeal restore, Recovery only, Transaction log restore, Create a mirror database, Create and maintain a standby server.

    True        False

70. If a user does not have the ___ , the highest level object permission would be the Grant and Deny object permissions. → sysadmin server role

    True        False

71. A permission is used to grant an entity access to an ___ → database snapshot.

    True        False

72. The following code sample assigns Joe to the manager role: → EXEC sp_addrolemember Manager, Joe

    True        False

73. In the Restore options panel, you can choose any of the following options : ___ → Complete database restore, File restore, Page restore, Piecemeal restore, Recovery only, Transaction log restore, Create a mirror database, Create and maintain a standby server.

    True        False

74. You can ___ new backups to any existing backups on a device, or you can overwrite any existing backups. → overwrite

    True        False

75. Full Recovery allows you to ___ → Can perform any activity in the SQL Server installation, regardless of any other permission setting. The sysadmin role even overrides denied permissions on an object.

    True        False

76. Several specific types of object permissions exist: ___ → The right to delete existing data.

    True        False

77. At the SQL Server level, where the database resides, users are known by their ___ . This can be a SQL Server login, a Windows domain login, or a username login. → login names

    True        False

78. Complete database restore ??? → Restores individual pages.

    True        False

79. At restore time, the full backup is restored ___, followed by the most recent differential backup. → first

    True        False

80. Each object's permission is assigned through granting, ___ , or revoking user login permissions. → object.

    True        False

81. Steps to modify an object's permissions: ___ → ALL, SELECT, INSERT, DELETE, REFERENCES, UPDATE, or EXECUTE.

    True        False

82. Only select and update permissions can be set at the column level, because inserts
    and deletes ___ → granting, revoking, or denying user login permissions.

    True        False

83. Fixed server role: Processadmin ??? → Can perform any activity in the SQL Server installation, regardless of any other permission setting. The sysadmin role even overrides denied permissions on an object.

    True        False

84. Object permission: Select ??? → Can perform any activity in the SQL Server installation, regardless of any other permission setting. The sysadmin role even overrides denied permissions on an object.

    True        False

85. Remove the role from the database → Can kill a running SQL Server process.

    True        False

86. In SQL Server, «fixed database roles» include the following: → Authorizes a user to read all data in the database. This role is the equivalent of a grant on all objects, and it can be overridden by a deny permission.

    True        False

87. Over time, as a database is updated, the amount of data that is included in differential backups increases. This makes the backup slower to create and to restore. Eventually, another ___ to provide a new differential base for another series of differential backups. → full backup must be created

    True        False

88. Object permissions are assigned with the SQL DCL commands: ___ → The right to execute stored procedures or user-defined functions.

    True        False

89. The Securables page is used to ___ → assign or check object permissions.

    True        False

90. Users must be explicitly granted access to ___ → any user database.

    True        False

91. Granting object permission interacts with ___ → The right to modify existing data. Update rights for which a WHERE clause is
    used require select rights as well. Update permission can be set on specific columns.

    True        False

92. A user account is ___ → a logical representation of a person within an electronic system.

    True        False

93. The sysadmin role can perform any ___ in the SQL Server installation, regardless of any other permission setting. The sysadmin role even overrides denied permissions on an object. → activity

    True        False

94. Revoking a permission removes the permission that has been assigned, regardless of whether it was a ___ permission. → denied or a granted

    True        False

95. It is important to be aware of the ___ associated with each object in a database because it's possible to inadvertently grant administrative rights to objects or users that should not have them. → rights and permissions

    True        False

96. There are three kinds of database server roles: ___ → assign or check object permissions.

    True        False

97. The ___ is a fixed role, but it can have object permissions like a standard role. Every user is automatically a member of the ___ and cannot be removed, so the ____ serves as a baseline or minimum permission level. → public role

    True        False

98. Transaction log restore ??? → Under the full or bulk-logged recovery model, since the logs record each transaction, restoring from log backups is required to reach a desired recovery point.

    True        False

99. In Transact-SQL code, you can add a user to a fixed database role by using the ___ system stored procedure. → sp_addrole

    True        False

100. Revert a database to the point in time captured by a ___ → Authorizes a user to read all data in the database. This role is the equivalent of a grant on all objects, and it can be overridden by a deny permission.

     True        False

101. It is possible for users who have not been granted direct access to a database to gain access using the ___ user account - and with this account, they can make limited changes within the database server. → "guest"

     True        False

102. Windows Authentication is very robust in that it will authenticate not only Windows users, but also users within ___ → Windows user groups.

     True        False

103. fixed database role: «db_owner» ??? → Authorizes a user to read all data in the database. This role is the equivalent of a grant on all objects, and it can be overridden by a deny permission.

     True        False

104. The one user that SQL Server automatically creates during installation of the software is ___ → BUILTINS/Administrator

     True        False

105. Create and maintain a standby server ??? → When the active server fails, the passive server will become the active server, allowing for minimum downtime.

     True        False

106. Grants all permissions to the «public role» for the Contacts table: → GRANT All ON Contacts TO dbcreator

     True        False

107. fixed database role: «db_datareader» ??? → Can manage the logins for the server.

     True        False

108. Fixed server role: Setupadmin ??? → Can configure the server-wide settings, including setting up full-text searches and shutting down the server.

     True        False

109. Performing a backup operation has minimal effect on ___ → transactions that are running;

     True        False

110. Domain user account is the recommended login account because the SQL Server can then use the ___ specifically created for it. → Active Directory Users and Computers snap-in.

     True        False

111. Differential base or base of the differential ??? → full backups and differential backups.

     True        False

112. At restore time, the ___ , followed by each incremental backup following the full backup. → delayed

     True        False

113. Each object's permission is assigned by ___ → The right to delete existing data.

     True        False

114. Types of partial backups supported by SQL Server: ___ → Partial backup & Differential partial backup

     True        False

115. Revoking a permission ___ the permission that has been assigned, regardless of whether it was a denied permission or a granted permission. → denied or a granted

     True        False

116. Object permission: DRI (References) ??? → The right to insert data.

     True        False

117. Transact-SQL syntax so that you can add the windows username: cbastiao from domain name: WS2008 → database snapshot.

     True        False

118. The guest user account is not actually created when a___ → database is created;

     True        False

119. Usually, a differential base is ___ → used by several successive differential backups.

     True        False

120. Object permissions are permissions that allow a user to act on database objects, such as ___ → modified as desired after installation.

     True        False

121. Ownership chains are great for developing tight security where users execute stored procedures but aren't granted direct permission to ___ → Granting object permission

     True        False

122. A Windows login can be removed from SQL Server through SSMS...this doesn't
     delete the user from ___ ; it only removes the user from SQL Server. → the permissions assigned

     True        False

123. A user may have multiple permission paths to an object (e.g., ___ ). If any of these paths are denied, then the user is blocked from accessing the object. → individually, through a standard database role, and through the public role

     True        False

124. Complete restore ??? → Restores individual pages.

     True        False

125. Simple Recovery requires the ___ since the transaction log backups are truncated on a regular basis. → least administration

     True        False

126. Generically, to restore the database using the specified file, you would execute the following command: ___ → RESTORE DATABASE name_of_database FROM DISK = 'name of backup'

     True        False

127. the following code adds the user login ''XPS\Lauren'' to the sysadmin role: ___ → EXEC sp_addsrvrolemember 'XPS\Lauren', 'sysadmin'

     True        False

128. The guest user account is ___ when a database is created; → not actually created

     True        False

129. The ___ can perform any activity in the SQL Server installation, regardless of any other permission setting. The ___ even overrides denied permissions on an object. → Granting object permission

     True        False

130. ___ only backs up data since the last full backup. → Differential backup

     True        False

131. Within SQL Server, users are assigned to roles, which may in turn grant permission to objects... each object has an owner, and ___ also affects permissions. → Deny permission

     True        False

132. Database backup ??? → A full backup of the whole database.

     True        False

133. The purpose of a database backup is ___ → to have something to restore if data is lost during a business's daily routine.

     True        False

134. Create a mirror database ??? → When the active server fails, the passive server will become the active server, allowing for minimum downtime.

     True        False

135. Fixed server roles are set in SSMS in the Server Roles page of the ___ → assign or check object permissions.

     True        False

136. «Fixed database roles» can be assigned via SSMS using either of the following procedures: ___ → • By adding the role to the user in the user's Database User Properties form (Database » Security » Users » Properties of user )
     • By adding the user to the role in the Database Role Properties dialog (Database » Security » Roles » Database Roles » Properties of role)

     True        False

137. The following code grants select and update permission to the guest user and to LRN: → GRANT Select, Update ON Emails to Guest, LRN

     True        False

138. To create a login using Transact-SQL syntax so that you can add a Windows user or group run the ___ → differential base.

     True        False

139. To grant access to a database from the login side using Object Explorer, use the User Mapping page of the ___. → 1. SSMS »» expand the database folder »» Security folder »» Roles »» Database Roles folder.
     2. Double-click the appropriate role to open the Database Role Properties dialog box.
     3. Add or remove users from the role.

     True        False

140. Differential database backups ??? → Restores an entire database, beginning with a full database backup, which may be followed by restoring a differential database backup (and log backups).

     True        False

141. The most common login method involves supplying a ___ → username and password.

     True        False

142. The db_owner is a special role that has ___ → ALL, SELECT, INSERT, DELETE, REFERENCES, UPDATE, or EXECUTE.

     True        False

143. When you have a ___ server, you are using an active-passive cluster that consists of two or more servers. → standby

     True        False

144. Even though a user may belong to a fixed database role and have certain administrative level permissions, he or she still cannot access data without first being granted permission to ___ (e.g., tables, stored procedures, views, functions). → database objects

     True        False

145. Transactions that are running during the backup are never ___ → Database backup & Differential database backups

     True        False

146. The «sa account» is the built-in SQL administrator account associated with ___ → object.

     True        False

147. There are three kinds of database server roles: fixed roles, the public role, and ___ → db_accessadmin,
     db_backupoperator,
     db_datareader,
     db_datawriter,
     db_ddladmin,
     db_denydatareader,
     db_denydatawriter,
     db_owner,
     db_securityadmin.

     True        False

148. A local user account cannot be used outside the ___ → server environment.

     True        False

149. If a user does not have the sysadmin server role, the highest level object permission would be the ___ → Grant and Deny object permissions.

     True        False

150. Types of file backups supported by SQL Server: ___ → File backup & Differential file backups

     True        False

151. Removes a user from an assigned role: → assign or check object permissions.

     True        False

152. The Windows SID (___) is passed to SQL Server. → File backup & Differential file backups

     True        False

153. You can manage database access from either the login side or the ___ → database side.

     True        False

154. A login or logon is ___ → Recovers data that is already consistent with the database and needs only to be made available.

     True        False

155. A differential backup contains only the data that has changed since the ___ → the last full backup.

     True        False

156. The BUILTINS/Administrators user can be deleted or ___ → security identifier

     True        False

157. Object permission: Execute ??? → The right to execute stored procedures or user-defined functions.

     True        False

158. SQL servers also support mixed mode, which allows you to connect to a SQL server using ___ → Windows authentication or SQL Server authentication.

     True        False

159. Each object's permission is assigned through ___ , denying, or revoking user login permissions. → granting

     True        False

160. Windows Authentication mode is superior to ___ because users don't need to learn yet another password and because it leverages the security design of the network. → mixed mode

     True        False

161. Granting permission means that a user can ___ → access the object.

     True        False

162. Object permission: Delete ??? → The right to delete existing data.

     True        False

163. File backup ??? → A full backup of all the data in one or more files or filegroups.

     True        False

164. user-defined roles are typically employed for users who need to perform ___ but to whom you don't want to grant a role that would permit them do more than what they need to. → fixed roles, the public role, and user-defined roles.

     True        False

165. fixed database role: «db_securityadmin» ??? → Authorizes a user to access the database, but not to manage database level security.

     True        False

166. During a backup operation, SQL Server copies the data directly from the database files to the ___ → backup devices.

     True        False

167. Domain users are managed with tools such as the ___ → Active Directory Users and Computers snap-in.

     True        False

168. The following code creates the manager role: → EXEC sp_addrolemember Manager, Joe

     True        False

169. The sysadmin role can perform any activity in the SQL Server installation, regardless of any other permission setting. The sysadmin role even overrides ___ on an object. → activity

     True        False

170. SQL Server offers three recovery models for each database. They are: ___ → • Simple Recovery
     • Full Recovery
     • Bulk-Logged

     True        False

171. To grant access from the database point of view, use the ___ under the Database > Security > Users node to open the Database User-New form. → User Mapping page

     True        False

172. user-defined roles are typically employed for users who need to perform specific database functions but to whom you don't want to grant a role that would permit them do ___ → more than what they need to.

     True        False

173. Page restore ??? → Allows good performance while using the least log space.

     True        False

174. Users may be assigned to multiple roles, so multiple security paths from a user to an object ___ → database snapshot.

     True        False

175. To grant access to a database from the login side using Object Explorer, use the ___ of the Login Properties form. → database snapshot.

     True        False

176. Each object's permission is assigned through granting, denying, or ___ user login permissions. → denying

     True        False

177. Partial backup ??? → A full backup of the whole database.

     True        False

178. Deny permission always has a higher priority than the ___ → access the object.

     True        False

179. When you have a ___ , you have duplicate databases on multiple servers. → security identifier

     True        False

180. Once users exist in the Windows user list or the Windows domain, SQL Server can ___ → Partial backup & Differential partial backup

     True        False

181. The Transact-SQL RESTORE command enables you to perform the following restore scenarios: ___ → • Overwrite the existing database.
     • Preserve the replication settings.
     • Prompt before restoring each backup.
     • Restrict access to the restored database.

     True        False

182. Types of database backups supported by SQL Server: ___ → security identifier

     True        False

183. A SQL Server login account and related passwords are defined on the SQL server and are not related to ___ → Active Directory or Windows accounts.

     True        False

184. An incremental backup contains only the data that has changed since the ___ → differential base.

     True        False

185. if you add a user to the sysadmin role, that user now has ___ for that server. → Active Directory Users and Computers snap-in.

     True        False

186. Authentication is the act of ___ → a logical representation of a person within an electronic system.

     True        False

187. The Transact-SQL statement to provide permission to an object for a specific user and his or her role is as follows: → GRANT Select, Update ON Emails to Guest, LRN

     True        False

188. Denying permission overrides ___ → a granted permission.

     True        False

189. You can append new backups to any existing backups on a device, or you can ___ any existing backups. → full backups and differential backups.

     True        False

190. File restore ??? → Restores individual pages.

     True        False

191. To restore data through the graphical interface tool, follow these steps: ___ → 1. SSMS »» expand the database folder »» Security folder »» Roles »» Database Roles folder.
     2. Double-click the appropriate role to open the Database Role Properties dialog box.
     3. Add or remove users from the role.

     True        False

192. Any user who wishes to access a database but who has not been declared a user within the database is automatically granted the privileges of the guest user, as long as ___ → database snapshot.

     True        False

193. SQL Server includes fixed, predefined server roles. Primarily, these roles grant permission to ___ → perform certain server-related administrative tasks.

     True        False

194. The assigned permission may be ___ → ALL, SELECT, INSERT, DELETE, REFERENCES, UPDATE, or EXECUTE.

     True        False

195. You can perform a SQL Server backup with minimal effect on ___ → production workloads.

     True        False

196. fixed database role: «db_backupoperator» ??? → Allows a user to perform backups, checkpoints, and DBCC commands,
     but not restores (Only server sysadmins can perform restores.)

     True        False

197. fixed database role: «db_accessadmin» ??? → Can kill a running SQL Server process.

     True        False

198. Fixed server role: Sysadmin ??? → Can perform any activity in the SQL Server installation, regardless of any other permission setting. The sysadmin role even overrides denied permissions on an object.

     True        False

199. The public role is a fixed role, but it can have object permissions like a standard role. Every user is automatically a member of the public role and cannot be removed, so the public role serves as ___ → GRANT Permission, Permission
     ON Object
     TO User/role, User/role
     WITH GRANT OPTION

     True        False

200. Fixed server role: Bulkadmin ??? → Can create, alter, and drop disk files.

     True        False

201. A Transact-SQL command to grant database access to a user: ___ → CREATE USER [LRN]
     FROM LOGIN [WS2008\cbastiao]

     True        False

202. The counterpart to creating a role is removing it. A role may not be dropped if any users are currently ___ to it. → assigned

     True        False