Answer C is incorrect because this syntax is used to create a database encryption key.. Answer D is incorrect because this syntax is used to start the encryption scan.. Answers A, C, a
Trang 1The correct answer is B Answer A is incorrect because this syntax is used to
create a certificate initially Answer C is incorrect because this syntax is used to
create a database encryption key Answer D is incorrect because this syntax is
used to start the encryption scan
7 Which sys catalog view is used to monitor the progress of an encryption scan?
A Sys.configurations
B Sys.certificates
C Sys.key_encryptions
D Sys.dm_database_encryption_keys
The correct answer is D Answers A, B, and C are incorrect because they will
not display the progress of an encryption scan
8 When transparent data encryption (TDE) is enabled, which of the following
system catalog views will the database show as encrypted?
A Sys.databases
B Sys.all_objects
C Sys.all_columns
D Sys.configurations
The correct answer is A Answers B, C, and D are incorrect because the
“is_encrypted” column is not available in these system views
9 When transparent data encryption (TDE) is enabled, database backups are
encrypted If you cannot locate the associated Certificate and private key files,
what happens to the data if you need to restore the encrypted database?
A Everything will be readable since the Certificate and private key can be
recreated
B The data will not be readable since the Certificate and private key files are
lost
C Only encrypted columns will not be readable
D Everything will be readable once the database encryption has been turned
off in the master database
The correct answer is B Answers A, C, and D are incorrect since the original
Certificate and private key files are required to decrypt the database It is very
important to store these files in a secure location other than with the database
backup to mitigate the possibility of not being able to decrypt a database
Trang 210 In which edition of SQL Server 2008 is cell-level encryption available?
A Only in the Enterprise edition
B Only in the Web edition
C Only in the Workgroup edition
D All SQL Server 2008 editions
The correct answer is D Answers A, B, and C are incorrect because cell-level
encryption is not limited to only one edition of SQL Server 2008
11 When using cell-level encryption which data type is required in order to encrypt the data?
A VARCHAR
B No special data type is necessary
C BINARY
D VARBINARY
The correct answer is D Using the VARBINARY is required when using cell-level encryption, making answers A, B, and C incorrect.
12 What is the query performance impact when using cell-level encryption?
A There is a positive query performance impact since there are only specific columns that are encrypted
B There is a negative query performance impact since data types have to be converted from varbinary to the correct data type and primary keys and indexes are not used, resulting in full table scans
C There is a negative query performance impact unless TDE has been enabled
D There is a positive query performance impact as long as TDE has been enabled
The correct answer is B Answers A, C, and D are incorrect since these
con-figurations would not have an impact on query performance
13 Cell-level encryption is best used in which of the following?
A Performance sensitive situations
B All situations
C Limited access control through the use of passwords situations
D Situations when a password is not needed to access the encrypted data
Trang 3The correct answer is C Answer A is incorrect and is a consideration that
would result in the use of TDE Answer B is incorrect because cell-level
encryption is not recommended in all situations because of the performance
impact Answer D is incorrect because passwords are required when using
cell-level encryption
14 Which of the following best describes the difference between symmetric and
asymmetric keys?
A An asymmetric key uses the same password to encrypt and decrypt the
data and a symmetric key uses a public key to encrypt the data and a
private key to decrypt the data
B An asymmetric key uses the same password to encrypt and decrypt the
data and a symmetric key uses a private key to encrypt and a public key to
decrypt the data
C A symmetric key uses the same password to encrypt and decrypt the data
and an asymmetric key uses a public key to encrypt and a different
password/private key to decrypt the data
D A symmetric key uses the same password to encrypt and decrypt the data
and an asymmetric key uses a private key to encrypt and a different
password/public key to decrypt the data
The correct answer is C Answers A, B, and D are incorrect because the
combinations of passwords used for encrypting and decrypting do not accurately describe symmetric and asymmetric keys
15 Which of the following best describes EFS encryption?
A Encryption occurs at the file-level
B Encryption occurs at the database-level
C Encryption occurs at the cell-level
D Encryption occurs at the server-level
The correct answer is A Answers B, C, and D are incorrect because
Encrypting File System (EFS) – encryption only occurs at the file-level
16 When you are using Encrypting File Service (EFS) with SQL Server, which
SQL server account must have access to file encryption keys encrypting any
database files?
A SQL Server agent account
B Database server, service account
Trang 4C SA account
D SQL executive account
The correct answer is B Answers A, C, and D are incorrect since these
accounts are not used to access database files
17 In which of the following is EFS best used?
A Web server
B Database server
C Workstation
D Application server
The correct answer is C EFS is best used when the database is primarily used
by a small set of users so answers A, B, and D are incorrect.
18 Which of the following best describes SQL Server 2008 Extensible Key Management?
A Enables third-party EKM/HSM vendors to register their modules in SQL Server
B Enables easy management of Encrypting File System (EFS) encryption
C Enables easy creation of an EKM key with another EKM key
D Enables easy back up of a database encryption key
The correct answer is A Answer B is incorrect because SQL Server 2008
extensible key management does not provide the functionality to manage EFS
encryption Answer C is incorrect because an EKM key cannot be created with another EKM key so this cannot be done using EKM Answer D is
incorrect because EKM does not provide the functionality to back up a database encryption key; this is done using T-SQL
19 In which of the following editions of SQL Server 2008 is Extensible Key Management available?
A Workgroup edition
B Web edition
C Enterprise edition
D Express edition
Trang 5The correct answer is C SQL Server 2008 Extensible Key Management is
available in the Enterprise, Developer, and Evaluation editions so Answers A,
B, and D are incorrect.
20 Which system stored procedure is used to enable Extensible Key Management?
A Sys.dboption
B Sys.sp_configure
C Sys.sp_helpdb
D Sys.sp_addextendedproc
The correct answer is B Only the sys.sp_configure stored procedure provides
the ability to enable Extensible Key Management so answers A, C, and D are
incorrect These stored procedures do not provide the necessary functionality
Chapter 6: Managing High Availability
1 You are designing a new database server for your company You wish to store the
database’s MDF file and NDF files on the most cost efficient storage possible,
while providing a redundant storage solution Your database will be 95% reads,
and 5% writes What RAID level should you use for your MDF and NDF files?
A RAID 0
B RAID 1
C RAID 5
D RAID 10
Answer C is the correct answer Although RAID 0 is more cost effective than
RAID 5, RAID 0 has no redundancy built into it RAID 1 and RAID 10 are
less cost effective then RAID 5 because of the one-to-one copying that is
done, which reduces the number of hard drives available in the RAID array by half
2 You are configuring log shipping on your OLTP database from one data center
to another You need to ensure that the minimum amount of bandwidth is used
when moving the logs from your primary site to the backup site When
config-uring the log backups, which option should you select to meet your goal?
A Use the default server setting
B Compress backup