ISACA New York Metropolitan Chapter

Auditing MS SQL Server Databases






 

TWO-DAY WORKSHOP
December 15-16, 2003

Microsoft's SQL Server is the fastest growing Relational Database Management System (RDBMS) in the world and many organizations are using it to store their mission-critical information. Yet some of these same enterprises are not using SQL Server to secure that data appropriately.

 

Attend this comprehensive seminar to learn how to configure SQL Server to ensure that it is secured and auditable. You'll see demonstrations to illustrate just how it's done. You'll understand the different security modes to allow either integration with Microsoft's Windows NT access control mechanisms or a stand-alone user identification and authentication mechanism. Releases 6.5, 7 and 8 are contrasted.

At This Seminar You Will Learn:

  • Name four critical functions performed by SQL Server
  • Understand and use SQL Server terms, such as, “procedure”, “alias”, “database user”, “sa” and “ownership chain”
  • Understand how object definitions impact the security and control of an application
  • List three integrity features of SQL Server and how to determine if they are in use
  • Access the System Tables to obtain information about how critical objects are defined
  • List five important components of the standard SQL Server security mechanism
  • Define the different security modes for Microsoft SQL Server
  • Describe two additional SQL Server security features
  • Identify three high-risk Microsoft provided utilities
  • Understand how stored procedures can be used to collect server evidence

Audience:

Experienced IT Security Specialists, IT Auditors, and Quality Assurance personnel. Systems Programmers, Systems Analysts, Audit Managers, Database Administrators and System Administrators may also benefit from attendance.

 

Prerequisites:

Participants should first have training in the audit and security of their operating system environment.

Speaker:

Betty Dorsey, Automated Design Enterprises

For questions, please contact:

Yonique Malbranche at (212) 576-6726 / Yonique_Malbranche@newyorklife.com

or Katrina Quintus at (646) 557-1327 / Katrina.L.Quintus@db.com

  
Copyright © 2002 Information Systems Audit and Control Association (ISACA™). All rights reserved.

Last updated February 6, 2004 12:35 PM