Administering a SQL Database Infrastructure

5 Days

Introduction

This five-day instructor-led course provides people who administer and maintain SQL Server databases with the knowledge and skills to administer a SQL server database infrastructure. Additionally, it will be of use to individuals who develop applications that deliver content from SQL Server databases.

 Audience profile

The primary audience for this course is individuals who administer and maintain SQL Server databases. These individuals perform database administration and maintenance as their primary area of responsibility, or work in environments where databases play a key role in their primary job.

The secondary audiences for this course are individuals who develop applications that deliver content from SQL Server databases.

Prerequisites

In addition to their professional experience, participants who attend this training should already have the following technical knowledge:

• Basic knowledge of the Microsoft Windows operating system and its core functionality.
• Working knowledge of Transact-SQL.
• Working knowledge of relational databases.
• Some experience with database design.

Programme Objectives

After completing this course, participants will be able to:

• Authenticate and authorize users
• Assign server and database roles
• Authorize users to access resources
• Protect data with encryption and auditing
• Describe recovery models and backup strategies
• Backup SQL Server databases
• Restore SQL Server databases
• Automate database management
• Configure security for the SQL Server agent
• Manage alerts and notifications
• Managing SQL Server using PowerShell
• Trace access to SQL Server
• Monitor a SQL Server infrastructure
• Troubleshoot a SQL Server infrastructure
• Import and export data

Programme Content

Module 1: SQL Server Security

Protection of data within your Microsoft SQL Server databases is essential and requires a working knowledge of the issues and SQL Server security features. This module describes SQL Server security models, logins, users, partially contained databases, and cross-server authorization.

Lessons

• Authenticating Connections to SQL Server
• Authorizing Logins to Connect to databases
• Authorization Across Servers
• Partially Contained Databases

Lab : Authenticating Users

• Create Logins
• Create Database Users
• Correct Application Login Issues
• Configure Security for Restored Databases

After completing this module, you will be able to:

• SQL Server basic concepts.
• SQL Server connection authentication.
• User login authorization to databases.
• Partially contained databases.
• Authorization across servers.

Module 2: Assigning Server and Database Roles

Using roles simplifies the management of user permissions. With roles, you can control authenticated users’ access to system resources based on each user’s job function—rather than assigning permissions user-by-user, you can grant permissions to a role, then make users members of roles. Microsoft SQL Server includes support for security roles defined at server level and at database level.

Lessons

• Working with server roles
• Working with Fixed Database Roles
• Assigning User-Defined Database Roles

Lab : Assigning server and database roles

• Assigning Server Roles
• Assigning Fixed Database Roles
• Assigning User-Defined Database Roles
• Verifying Security

After completing this module, you will be able to:

• Describe and use server roles to manage server-level security.
• Describe and use fixed database roles.
• Use custom database roles and application roles to manage database-level security.

Module 3: Authorizing Users to Access Resources

In the previous modules, you have seen how Microsoft SQL Server security is organised and how sets of permissions can be assigned at the server and database level by using fixed server roles, user-defined server roles, fixed database roles, and application roles. The final step in authorizing users to access SQL Server resources is the authorization of users and roles to access server and database objects. In this module, you will see how these object permissions are managed. In addition to access permissions on database objects, SQL Server provides the ability to determine which users are allowed to execute code, such as stored procedures and functions. In many cases, these permissions and the permissions on the database objects are best configured at the schema level rather than at the level of the individual object. Schema-based permission grants can simplify your security architecture. You will explore the granting of permissions at the schema level in the final lesson of this module.

Lessons

• Authorizing User Access to Objects
• Authorizing Users to Execute Code
• Configuring Permissions at the Schema Level

Lab : Authorizing users to access resources

• Granting, Denying, and Revoking Permissions on Objects
• Granting EXECUTE Permissions on Code
• Granting Permissions at the Schema Level

After completing this module, you will be able to:

• Authorize user access to objects.
• Authorize users to execute code.
• Configure permissions at the schema level.

Module 4: Protecting Data with Encryption and Auditing

When configuring security for your Microsoft SQL Server systems, you should ensure that you meet any of your organisation’s compliance requirements for data protection. Organisations often need to adhere to industry-specific compliance policies, which mandate auditing of all data access. To address this requirement, SQL Server provides a range of options for implementing auditing. Another common compliance requirement is the encryption of data to protect against unauthorized access in the event that access to the database files is compromised. SQL Server supports this requirement by providing transparent data encryption (TDE). To reduce the risk of information leakage by users with administrative access to a database, columns containing sensitive data—such as credit card numbers or national identity numbers—can be encrypted using the Always Encrypted feature. This module describes the available options for auditing in SQL Server, how to use and manage the SQL Server Audit feature, and how to implement encryption.

Lessons

• Options for auditing data access in SQL Server
• Implementing SQL Server Audit
• Managing SQL Server Audit
• Protecting Data with Encryption

Lab : Using Auditing and Encryption

• Working with SQL Server Audit
• Encrypt a Column as Always Encrypted
• Encrypt a Database using TDE

After completing this module, you will be able to:

• Describe the options for auditing data access.
• Implement SQL Server Audit.
• Manage SQL Server Audit.
• Describe and implement methods of encrypting data in SQL Server.
• Implement encryption

Module 5: Recovery Models and Backup Strategies

One of the most important aspects of a database administrator's role is ensuring that organisational data is reliably backed up so that, if a failure occurs, you can recover the data. Even though the computing industry has known about the need for reliable backup strategies for decades—and discussed this at great length—unfortunate stories regarding data loss are still commonplace. A further problem is that, even when the strategies in place work as they were designed, the outcomes still regularly fail to meet an organisation’s operational requirements. In this module, you will consider how to create a strategy that is aligned with organisational needs, based on the available backup models, and the role of the transaction logs in maintaining database consistency.

Lessons

• Understanding Backup Strategies
• SQL Server Transaction Logs
• Planning Backup Strategies

Lab : Understanding SQL Server recovery models

• Plan a Backup Strategy
• Configure Database Recovery Models
• After completing this module, you will be able to:
• Describe various backup strategies.
• Describe how database transaction logs function.
• Plan SQL Server backup strategies.

Module 6: Backing Up SQL Server Databases

In the previous module, you learned how to plan a backup strategy for a SQL Server system. You can now learn how to perform SQL Server backups, including full and differential database backups, transaction log backups, and partial backups. In this module, you will learn how to apply various backup strategies.

Lessons

• Backing Up Databases and Transaction Logs
• Managing Database Backups
• Advanced Database Options

Lab : Backing Up Databases

• Backing Up Databases
• Performing Database, Differential, and Transaction Log Backups
• Performing a Partial Backup

After completing this module, you will be able to:

• Perform backups of SQL Server databases and transaction logs.
• Manage database backups.
• Describe advanced backup options.

Module 7: Restoring SQL Server 2016 Databases

In the previous module, you learned how to create backups of Microsoft SQL Server 2016 databases. A backup strategy might involve many different types of backup, so it is essential that you can effectively restore them. You will often be restoring a database in an urgent situation. You must, however, ensure that you have a clear plan of how to proceed and successfully recover the database to the required state. A good plan and understanding of the restore process can help avoid making the situation worse. Some database restores are related to system failure. In these cases, you will want to return the system as close as possible to the state it was in before the failure. Some failures, though, are related to human error and you might wish to recover the system to a point before that error. The point-in-time recovery features of SQL Server 2016 can help you to achieve this. Because they are typically much larger, user databases are more likely to be affected by system failures than system databases. However, system databases can be affected by failures, and special care should be taken when recovering them. In particular, you need to understand how to recover each system database because you cannot use the same process for all system databases. In this module, you will see how to restore user and system databases and how to implement point-in-time recovery.

Lessons

• Understanding the Restore Process
• Restoring Databases
• Advanced Restore Scenarios
• Point-in-Time Recovery

Lab : Restoring SQL Server Databases

• Restoring a Database Backup
• Restring Database, Differential, and Transaction Log Backups
• Performing a Piecemeal Restore

After completing this module, you will be able to:

• Explain the restore process.
• Restore databases.
• Perform advanced restore operations.
• Perform a point-in-time recovery.

Module 8: Automating SQL Server Management

The tools provided by Microsoft SQL Server make administration easy when compared to some other database engines. However, even when tasks are easy to perform, it is common to have to repeat a task many times. Efficient database administrators learn to automate repetitive tasks. This can help to avoid situations where an administrator forgets to execute a task at the required time. Perhaps more importantly, the automation of tasks helps to ensure that they are performed consistently, each time they are executed. This module describes how to use SQL Server Agent to automate jobs, how to configure security c