70-465 Question #64: Real Exam Question with Answer & Explanation

The correct answer is C: A credential. To meet security requirements for junior database administrators who need to perform tasks without directly exposing sensitive credentials, a SQL Server credential should be recommended.

Submitted by deeparc· Mar 5, 2026Design database security solutions

Question

You need to recommend a solution to meet the security requirements of the junior database administrators. What should you include in the recommendation?

Options

AA server role
BA database role
CA credential
DA shared login

Explanation

To meet security requirements for junior database administrators who need to perform tasks without directly exposing sensitive credentials, a SQL Server credential should be recommended.

Common mistakes.

A. A server role grants server-level permissions broadly, which would not restrict or secure access in the granular way required for junior DBAs who should have limited, controlled access.
B. A database role grants database-level permissions to users but does not address the need to securely delegate access to external resources or mask authentication credentials from junior administrators.
D. A shared login would reduce security by having multiple users share the same authentication identity, making it impossible to audit individual actions and violating the principle of least privilege.

Concept tested. SQL Server credentials for secure delegated access

Reference. https://learn.microsoft.com/en-us/sql/relational-databases/security/authentication-access/credentials-database-engine

Topics

#SQL Server security#Credentials#DBA permissions

Community Discussion

No community discussion yet for this question.

Full 70-465 Practice Browse All 70-465 Questions