What are the steps you will take, if you are tasked with securing an SQL Server?

Posted by

To view Verified answers click on the button below.

Again this is another open ended question. Here are some things you could talk about:
Preferring NT authentication, using server, database and application roles to control access
to the data, securing the physical database files using NTFS permissions, using an
unguessable SA password, restricting physical access to the SQL Server, renaming the
Administrator account on the SQL Server computer, disabling the Guest account, enabling
auditing, using multiprotocol encryption, setting up SSL, setting up firewalls, isolating SQL
Server from the web server etc.