Database Reference
In-Depth Information
9.
All data transmitted across a network between SQL Server and the client application
will be encrypted using the self-signed certificate.
As seen in the preceding screenshot, the two feature options - which are advanced settings
to set both service-binding and channel-binding - will be affected when the selected instance
is restarted.
How it works...
The Extended Protection (EP) feature is managed using the Windows Operating System's
User Access Control (UAC) methods. The UAC reduces the number of programs that run with
elevated privileges, thereby helping to prevent users from accidentally changing the system
settings that reduce any unprecedented attacks by unknown sources. In order to manage
the security validations, security internals will authenticate three areas, namely: Principals,
Securables, and Permissions.
By default, the improvements from SQL Server 2008 and Windows Server
2008 operating system decrease the surface and the attack area from SQL
Server with an artifact of 'least privileged' policy and additional separation of
Windows Administrators and SQL Server System Administrator (SA).
By default, the local Windows group BUILTIN\Administrator is no longer
allowed to access the SQL Server instance with an elevated privilege of
sysadmin
with that of a fixed server role on the new SQL Server 2008 R2
installations.
Search WWH ::
Custom Search