Which four actions should you perform in sequence?

DRAG DROP

You administer a Microsoft SQL Server instance that contains a database of confidential data. You need to enable Transparent Data Encryption.

Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

View Answer

Answer:

Explanation:

The steps to setup TDE are:

Step 1: Create a master key

We must first create the master key. It must be created in the master database.

Example:

USE master;

GO

CREATE MASTER KEY ENCRYPTION BY PASSWORD = ‘<UseStrongPasswordHere>’;

go

Step 2: Create or obtain a certificate protected by the master key

Once the master key is created, we will go ahead and create the actual certificate in the master database, not the user database.

Example:

CREATE CERTIFICATE MyServerCert WITH SUBJECT = ‘My DEK Certificate’;

go

USE AdventureWorks2012;

GO

Step 3: Create a database encryption key and protect it by the certificate

Now, we must utilize our USE command to switch to the database, the user database, that we wish to encrypt. Then we create a connection or association between the certificate that we just created and the actual database.

Example:

USE <DB>

GO CREATE DATABASE ENCRYPTION KEY

WITH ALGORITHM = AES_256

ENCRYPTION BY SERVER CERTIFICATE TDE_Cert;

GO

Step 4: Set the database to use encryption

Example:

ALTER DATABASE AdventureWorks2012

SET ENCRYPTION ON;

GO

References:

https://docs.microsoft.com/en-us/sql/relational­databases/security/encryption/transparent-data-encryption