70-450 Question #131: Real Exam Question with Answer & Explanation

Question

Options

• ATransparent database encryption should be utilized.
• BWindows BitLocker Drive Encryption technology should be utilized.
• CThe BACKUP statement should be utilized along with the PASSWORD option.
• DThe BACKUP statement should be utilized along with the MEDIAPASSWORD option.

Explanation

You can take several precautions to help secure the database such as designing a secure system, encrypting confidential assets, and building a tirewall around the database servers. However, in a scenario where the physical media (such as drives or backup tapes) are stolen, a malicious party can just restore or attach the database and browse the data. One solution is to encrypt the sensitive data in the database and protect the keys that are used to encrypt the data with a certificate. This prevents anyone without the keys from using the data, but this kind of protection must be planned in advance. Transparent data encryption (TDE) per to rms real-time It encryption and decryption of the data and log files, The encryption uses a database encryption key (DEK), which is stored in the database boot record for availability during recovery. The DEK is a symmetric key secured by using a certificate stored in the master database of the server or an asymmetric key protected byan EKM module. TDE protects data "at rest", meaning the data and log tiles. It provides the ability to comply with many laws, regulations, and guidelines established in various industries. This enables software developers to encrypt data by using AES and 3DES encryption algorithms without changing existing applications.

No community discussion yet for this question.