70-473 · Question #54
You need to design a security strategy to support the planned changes for the customer databases, The solution must meet the security requirements. Which two security roles should you grant to the cus
The correct answer is A. db_datawriter B. dbcreator. To provide customers with the ability to manage their own database environments and modify data, dbcreator and db_datawriter roles should be granted.
Question
Options
- Adb_datawriter
- Bdbcreator
- Cdb_ddladmin
- Ddb_datareader
How the community answered
(54 responses)- A83% (45)
- C6% (3)
- D11% (6)
Why each option
To provide customers with the ability to manage their own database environments and modify data, `dbcreator` and `db_datawriter` roles should be granted.
The `db_datawriter` role allows users to perform data manipulation language (DML) operations such as INSERT, UPDATE, and DELETE on all user tables within a database.
The `dbcreator` role grants a user the ability to create, alter, and drop databases, which is necessary if customers are responsible for managing the lifecycle of their own database instances.
The `db_ddladmin` role permits data definition language (DDL) operations within a specific database, but not the creation or deletion of entire databases themselves, which `dbcreator` provides.
The `db_datareader` role only allows users to read data from all user tables in a database and does not provide write access or database creation privileges.
Concept tested: SQL Server database roles and permissions
Source: https://learn.microsoft.com/en-us/sql/relational-databases/security/authentication-access/database-level-roles
Topics
Community Discussion
No community discussion yet for this question.