70-465 Question #25: Real Exam Question with Answer & Explanation

Question

Drag and Drop Question You plan to deploy SQL Server 2014. You identify the following security requirements for the deployment: - Users must be prevented from intercepting and reading the T-SQL statements sent from the clients to the database engine. - All database files and log files must be encrypted if the files are moved to another disk on another server. You need to identify which feature meets each security requirement. The solution must minimize processor overhead. Which features should you identify? To answer, drag the appropriate feature to the correct requirement in the answer area. Answer:

Explanation

SSL (Secure Socket Layer) encrypts data in transit between clients and the SQL Server database engine, preventing interception of T-SQL statements over the network with minimal processor overhead compared to application-level encryption. Transparent Data Encryption (TDE) encrypts the physical database and log files at rest at the page level, meaning that if the files are physically moved to another disk or server, they remain encrypted and unreadable without the proper certificates - this directly satisfies the second requirement. TDE is preferred over EFS or BitLocker for database file encryption because it is SQL Server-native, operates transparently, and is specifically designed to protect data files and log files with minimal administrative and processor overhead.

No community discussion yet for this question.