Page 42 - DCAP508_DATABASE_ADMINISTRATION
P. 42
Database Administration
Notes Web servers and Domain Name System (DNS) servers do not require NetBIOS or SMB. On these
servers, disable both protocols to reduce the threat of user enumeration.
2.5.2 After Installing SQL Server
After installation, you can enhance the security of the SQL Server installation by following these
best practices regarding accounts and authentication modes:
Service accounts
Run SQL Server services by using the lowest possible permissions.
Associate SQL Server services with low privileged Windows local user accounts, or domain
user accounts.
Authentication mode
Require Windows Authentication for connections to SQL Server.
Use Kerberos authentication.
Strong passwords
Always assign a strong password to the sa account.
Always enable password policy checking for password strength and expiration.
Always use strong passwords for all SQL Server logins.
Self Assessment
State true or false:
6. FAT is the preferred file system for installations of SQL Server because it is more stable
and recoverable than NTFS file systems.
7. If you use EFS, database files will be encrypted under the identity of the account running
SQL Server.
8. NetBIOS uses the following ports: UDP/137 (NetBIOS name service) and UDP/138 (NetBIOS
datagram service) only.
9. SMB uses the following ports: TCP/139 and TCP/445
10. Web servers and Domain Name System (DNS) servers do not require NetBIOS or SMB.
2.6 Summary
The SQL Server Installation Wizard is Windows Installer-based. It provides a single feature
tree to install all SQL Server components:
There are various ways of installing SQL server.
SQL Server Setup requires Microsoft Windows Installer 4.5 or a later version, and Microsoft
Data Access Components (MDAC) 2.8 SP1 or a later version.
Microsoft Internet Explorer 6 SP1 or a later version is required for all installations of SQL
Server 2008.
36 LOVELY PROFESSIONAL UNIVERSITY
