TNT4-05 <SLIDETITLE>Entry Slide</SLIDETITLE>

TNT4-05 <SLIDETITLE>Entry Slide</SLIDETITLE>
<KEYWORDS></KEYWORDS> <KEYMESSAGE></KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT></SLIDESCRIPT> <SLIDETRANSITION></SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION>

Difusión por el Web de SQL Server 2005 Parte 4: Seguridad de SQL Server 2005
<SLIDETITLE>SQL Server 2005 Security</SLIDETITLE> <KEYWORDS>Session Title</KEYWORDS> <KEYMESSAGE>Welcome to the SQL Server 2005 Security Webcast.</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> Hello and Welcome to this session on SQL Server 2005 Administration Tools. My name is {insert name}. Microsoft SQL Server 2005 is comprehensive, integrated, data management, and analysis software that empowers users across your organization by providing a more secure, reliable, and productive data platform for your enterprise line of business and analytical applications. To help database administrators and IT professionals get up to speed on the product quickly, we have created this 10 part Webcast series. This is the fourth part, and describes the security enhancements implemented in SQL Server 2005. </SLIDESCRIPT> <SLIDETRANSITION> Here’s what we will cover today. </SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION>

Lo que vamos a cubrir: Modelo de seguridad de SQL Server 2005
Autenticación de SQL Server 2005 Esquemas de SQL Server 2005 Contexto de la ejecución del módulo SQL Server 2005 Permisos de SQL Server 2005 <SLIDETITLE>What We Will Cover</SLIDETITLE> <KEYWORDS>SQL Server Security Model; authentication; Schemas; Module Execution; Permissions</KEYWORDS> <KEYMESSAGE>This is what will be covered in this session. </KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> This Webcast covers the security mechanisms implemented in SQL Server We will begin by investigating the security model used by SQL Server including a look at authentication methods. The new version of SQL Server revises the role of schemas. We will look at how schemas are used and the assigning of security contexts to the execution of modules. Finally we will look at the granularity of assigned permissions. </SLIDESCRIPT> <SLIDETRANSITION>To get the most out of this session, you should have the following knowledge and experience.</SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION>

Nivel 200 Conocimiento previo
Experiencia en dar soporte a los Servidores Windows 2003 Experiencia en administrar y dar mantenimiento a SQL Server 2000 Experiencia en administrar bases de datos <SLIDETITLE>Prerequisite Knowledge</SLIDETITLE> <KEYWORDS>Prerequisite Knowledge</KEYWORDS> <KEYMESSAGE>To get the most out of this session, you should be familiar with these topics.</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> To get the most out of this session, you should have knowledge of the following topics: You should have experience supporting Windows 2003 servers. We also assume that you are familiar with managing and maintaining SQL Server 2000. Finally, you should have experience administering databases. </SLIDESCRIPT> <SLIDETRANSITION>Now let’s look at the session agenda.</SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION> Nivel 200

Agenda Repaso Modelo de seguridad de SQL Server 2005
Autenticación y política de contraseña basado en punto final Separación del esquema del usuario Contexto de ejecución del módulo Permisos granulares <SLIDETITLE>Agenda</SLIDETITLE> <KEYWORDS>Agenda</KEYWORDS> <KEYMESSAGE> This is the agenda for this session. </KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> We’ll start by reviewing the previous Webcast: Achieving Greater Concurrency. Then we’ll move onto the topics in this Webcast on SQL Server 2005 security. The first item examines the SQL Server security model. We will see how the implemented security mechanisms fit together to enable secure access and data protection. The second item considers the creation and securing of endpoints and the integration of the Windows password policy. The third item looks at the role of schemas in creating a secure infrastructure. The fourth item discusses the use of module execution context to protect access to data. Lastly we will investigate the granularity of security permissions. </SLIDESCRIPT> <SLIDETRANSITION> Let's start by reviewing some of the topics from the previous Webcast on achieving greater concurrency… </SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION>

Instantánea comprometida para lectura Aislamiento de instantánea
Repaso Aislamiento de la instantánea ALTER DATABASE AdventureWorks SET READ_COMMITTED_SNAPSHOT ON ALTER DATABASE AdventureWorks SET ALLOW_SNAPSHOT_ISOLATION ON SET TRANSACTION ISOLATION LEVEL SNAPSHOT <SLIDETITLE>Snapshot Isolation</SLIDETITLE> <KEYWORDS>READ_COMMITTED_SNAPSHOT; ALLOW_SNAPSHOT_ISOLATION; snapshot isolation</KEYWORDS> <KEYMESSAGE>SQL Server 2005 provides the READ_COMMITTED_SNAPSHOT and ALLOW_SNAPSHOT_ISOLATION approaches to improve concurrency by using row versioning</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> SQL Server 2005 provides two ways to use row versioning to improve concurrency. You can use snapshot semantics with the READ COMMITTED isolation level by setting the READ_COMMITTED_SNAPSHOT database option When the database has the READ_COMMITTED_SNAPSHOT option enabled, sessions that use the READ COMMITTED isolation level will automatically use row versioning. You can also use row locking by setting the ALLOW_SNAPSHOT_ISOLATION database option and executing the SET TRANSACTION ISOLATION LEVEL SNAPSHOT statement at the beginning of the session in order to use snapshot isolation. One of the most significant differences between the two approaches is that when row versioning is used with the READ COMMITTED isolation level, read operations always return the most recently committed version of the data before the current statement. As a result, if a transaction contains two statements that retrieve the same data, the second statement could retrieve different values from the first if the data has been updated by another transaction in the intervening interval. The SNAPSHOT isolation level on the other hand always retrieves the last committed value before the current transaction; so multiple requests for the same data always return the same version. This difference in behavior when retrieving data creates a subtle, but important distinction between the data modification semantics implemented by the two approaches. When using READ COMMITTED with row versioning, a user can read some data, and later in the same transaction the user can update the data, even if it has been modified by another transaction since it was read. When using SNAPSHOT isolation level, this “lost update” scenario is prevented by automatic conflict detection, which raises and error and rolls back the transaction. </SLIDESCRIPT> <SLIDETRANSITION>Now let’s recap another way to improve concurrency: Database Snapshots.</SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION> Instantánea comprometida para lectura Aislamiento de instantánea Opción de base de datos READ_COMMITTED_SNAPSHOT ALLOW_SNAPSHOT_ISOLATION Nivel de aislamiento de la sesión READ COMMITTED (Predeterminado) SNAPSHOT Lectura de la versión Información comprometida antes de la isntrucción Información comprometida antes de la operación Detección de conflictos Ninguno Automático

Repaso Instantáneas de la base de datos
BD Fuente BD Instantánea ACTUALIZAR … SELECCIONAR … <SLIDETITLE>How Database Snapshots Work (3 of 3)</SLIDETITLE> <KEYWORDS>Database Snapshots Sparse Files</KEYWORDS> <KEYMESSAGE>A Database Snapshot is a read-only, point-in-time copy of a database.</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> Database snapshots are read-only copies of the database. They provide a static view of the database. The data available in a snapshot will not change over time. Snapshots return data that was committed at the time the snapshot was created. Snapshots do not store all data pages—only the pages that have changed since the snapshot was created. Therefore, when a snapshot is created, the data files are empty. Snapshots use NTFS Sparse files, which start small and grow as space is needed. When a database snapshot is queried, SQL Server will read the original data. The data will either come from the snapshot data pages if the data has been modified since the snapshot was created, or from the source database data pages. </SLIDESCRIPT> <SLIDETRANSITION>Now we’ll revisit some dynamic management views that you can use to monitor concurrency related issues such as locks and transactions.</SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION> SELECCIONAR … Copiar al escribir

Repaso Vistas dinámicas de administración
Vistas dinámicas de administración para bloqueos y operaciones sys.dm_tran_locks sys.dm_tran_active_transactions sys.dm_tran_database_transactions sys.dm_tran_session_transactions <SLIDETITLE>Dynamic Management Views</SLIDETITLE> <KEYWORDS>Dynamic Management Views; Locks; Transactions</KEYWORDS> <KEYMESSAGE>There are four dynamic management views that you can use to monitor locking and isolation.</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> There are four dynamic management views that you can use to monitor locking and isolation: sys.dm_tran_locks retrieves information about the locks currently being held throughout the database server. sys.dm_tran_active_transactions, sys.dm_tran_database_transactions, and sys.dm_tran_session_transactions retrieve information about the transactions currently being performed throughout the database system. You can write queries that join these views to monitor all aspects of locking and transaction isolation in the system. </SLIDESCRIPT> <SLIDETRANSITION>Let’s look at some review questions</SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION>

Encuesta: Usted ha activado la opción ALLOW_SNAPSHOT_ISOLATION...
[Encuesta de opción múltiple de PlaceWare. Utilice PlaceWare > Editar propiedades de la diapositiva...Para editar.] Establecer el nivel de aislamiento a SNAPSHOT en cada sesión de cliente. Especificar la señal de bloqueo READCOMMITTEDLOCK en sus consultas. Especificar la instrucción BEGIN TRAN antes de todas las consultas. Nada – el nivel predeterminado de aislamiento READ COMMITTED ahora utilizará versiones de filas en lugar de bloqueos.

Repaso Aislamiento de la instantánea
Usted ha activado la opción ALLOW_SNAPSHOT_ISOLATION en una base de datos. ¿Qué más debe hacer para asegurar que se utilice el aislamiento de instantánea? Establecer el nivel de aislamiento a SNAPSHOT en cada sesión de cliente. Especificar la señal de bloqueo READCOMMITTEDLOCK en sus consultas. Especificar la instrucción BEGIN TRAN antes de todas las consultas. Nada – el nivel predeterminado de aislamiento READ COMMITTED ahora utilizará versiones de filas en lugar de bloqueos. <SLIDETITLE>Review: Snapshot Isolation</SLIDETITLE> <KEYWORDS></KEYWORDS> <KEYMESSAGE>Review Answer</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT>The correct answer is 1. After setting the READ_COMMITTED_SNAPSHOT database option you need to ensure that each client session sets the transaction level to SNAPSHOT in order to use snapshot isolation. 2 is incorrect because the READCOMMITTEDLOCK hint would cause SQL Server to use locks instead of row versioning. 3 is also wrong: a BEGIN TRAN statement is not required to use row versioning for a single statement. And 4 is wrong; to use row versioning (and therefore snapshot semantics) with the READ COMMITTED isolation level, you must set the READ_COMMITTED_SNAPSHOT database option instead of the ALLOW_SNAPSHOT_ISOLATION option. </SLIDESCRIPT> <SLIDETRANSITION>Let’s try another question.</SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Encuesta: ¿Cómo crea una instantánea de la base de datos?
[Encuesta de opción múltiple de PlaceWare. Utilice PlaceWare > Editar propiedades de la diapositiva...Para editar.] Utilizar una instrucción CREATE SNAPSHOT. Separar la base de datos fuente, luego adjuntarla a la cláusula AS SNAPSHOT. Respaldar la base de datos fuente, luego restaurarla con la cláusula FROM SNAPSHOT. Ejecutar una isntrucción CREATE DATABASE con la cláusula AS SNAPSHOT OF.

Repaso Instantáneas de la base de datos
¿Cómo crea una instantánea de la base de datos? Utilizar una instrucción CREATE SNAPSHOT. Separar la base de datos fuente, luego adjuntarla a la cláusula AS SNAPSHOT. Respaldar la base de datos fuente, luego restaurarla con la cláusula FROM SNAPSHOT. Ejecutar una isntrucción CREATE DATABASE con la cláusula AS SNAPSHOT OF. <SLIDETITLE>Review: Database Snapshots</SLIDETITLE> <KEYWORDS></KEYWORDS> <KEYMESSAGE>Review Answer</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT>The correct answer is 4. You create a database snapshot in the same way as you create a database, but add the AS SNAPSHOT OF clause to specify the source database. If you want to specify the individual files for your snapshot database, you must add a file for each file in the source database and the logical names must match. </SLIDESCRIPT> <SLIDETRANSITION>Let’s try one more question.</SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Encuesta: Cuál vista dinámica de administración puede utilizar para devolver in...
[Encuesta de opción múltiple de PlaceWare. Utilice PlaceWare > Editar propiedades de la diapositiva...Para editar.] sys.dm_tran_locks sys.dm_tran_active_transactions sys.dm_tran_database_transactions sys.dm_tran_session_transactions

Repaso Vistas dinámicas de administración
¿Cuál vista dinámica de administración puede utilizar para devolver información acerca de las operaciones en una base de datos específica? sys.dm_tran_locks sys.dm_tran_active_transactions sys.dm_tran_database_transactions sys.dm_tran_session_transactions <SLIDETITLE>Review: Dynamic Management Views </SLIDETITLE> <KEYWORDS></KEYWORDS> <KEYMESSAGE>Review Answer</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT>The correct answer is 3. You can use sys.dm_tran_database_transactions to return information about the transactions in a specific database. </SLIDESCRIPT> <SLIDETRANSITION>Let’s move on and start looking at security.</SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Autenticación y política de contraseña basado en punto final Separación del esquema del usuario Contexto de ejecución del módulo Permisos granulares <SLIDETITLE>Agenda</SLIDETITLE> <KEYWORDS>Agenda</KEYWORDS> <KEYMESSAGE> This is the agenda for this session. </KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> Now we’re ready to begin exploring security in SQL Server </SLIDESCRIPT> <SLIDETRANSITION> Let’s begin, then, by taking a broad look at the security mechanisms used by SQL Server. </SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION>

Modelo de seguridad de SQL Server 2005 Mecanismos de seguridad
Autenticación Nombre del usuario y contraseña Certificados Autorización Permisos Criptografía Claves simétricas Claves asimétricas <SLIDETITLE>Security Mechanisms</SLIDETITLE> <KEYWORDS>Authentication; Authorization</KEYWORDS> <KEYMESSAGE>Here are some of the new features of SQL Server Management Studio.</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> SQL Server utilizes familiar security mechanisms to create a secure environment. Authentication identifies the principal who is attempting to access, change or delete the data. SQL Server supports authentications by username and password and certificate. Certificates will be covered in more depth in the fifth part of these Webcasts. SQL Server has integrated support for Windows password policies. The policy can be used to enforce password lengths and complexity. We will look at this more closely later in this session. Authorization is the process of allowing or denying the principal, once they are authenticated, access to data. SQL Server 2005 provides improved granularity of permissions enabling an administrator to be specific about the permissions that are being assigned. We will also look at permissions later in this session. SQL Server also uses cryptography. This is the process of encryption and decryption to protect the data. Cryptography will also be covered in the fifth part of these Webcasts. </SLIDESCRIPT> <SLIDETRANSITION> Let’s see how SQL Server limits access to data and functionality. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Modelo de seguridad de SQL Server 2005 Componentes de seguridad
<SLIDETITLE>Security Components</SLIDETITLE> <KEYWORDS>Principals; Permissions; Securables</KEYWORDS> <KEYMESSAGE>Show the use of principals, permissions and securables.</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> There are three major components that are used to limit access to features and functionality on a SQL Server; principals, securables and permissions. A principal is an identity that has authenticated to the SQL Server. Principals can be Windows user and group accounts, or SQL based user accounts and roles. A securable is a resource. Access to a securable is controlled. Securables in SQL Server include databases, assemblies, tables, and other objects. SQL Server objects are arranged in a hierarchy of three scopes; server, database and schema. The server scope contains objects such as logins, endpoints, certificates and databases. The database scope contains objects such as users, roles, assemblies and schemas. The schema scope contains objects such as tables, views, functions and procedures. Permissions define the access that a principal has on a securable. The range of permissions that can be applied has been extended in SQL Server Each permission can be granted; assigning the permission to a principal that does not have it, revoked; removing the permission from a principal, or denied; disallowing a principal from obtaining a permission. To govern the SQL Server environment, principals should be assigned the most restrictive permission to a securable that still allows them the access they require. </SLIDESCRIPT> <SLIDETRANSITION> Let’s have a look at the process of a login accessing an object in the database. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION> Principales Windows Grupos Cuenta de dominio Cuenta local SQL Server Cuenta SQL Rol del servidor Base de datos Usuario Rol de la base de datos Rol de la aplicación Grupo Permisos Otorgar/revocar/rechazar Crear Alterar Soltar Controlar Conectar Seleccionar Ejecutar Actualizar Eliminar Insertar Asegurables Enfoque del servidor Inicios de sesión Puntos finales Bases de datos Enfoque de la base de datos Usuarios Ensamblados Esquemas Enfoque del esquema Tablas Procedimientos Vistas

Solicitud de conexión a la red/saludo de inicio de sesión previo
Modelo de seguridad de SQL Server 2005 Proceso de acceso seguro Solicitud de conexión a la red/saludo de inicio de sesión previo Conéctese al PC de SQL Server <SLIDETITLE>Secure Access Process</SLIDETITLE> <KEYWORDS>Secure; access</KEYWORDS> <KEYMESSAGE> Show the secure access process </KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> As we have seen SQL Server secures access to resources. To successfully access a database object you must first locate and connect to the SQL Server. Connecting to the SQL Server is done via an endpoint. A SQL Server can have multiple endpoints, each one identifying which SQL Server logins have permission to use it. The next step is to access a database. To do this the SQL Server login must be configured as a database user and granted relevant permissions. If you make it this far through the process the next step is to access the required object. You are only allowed to do this if you have the correct permissions to carryout the required action. From this process you can see that SQL Server implements a multi-layered security model. </SLIDESCRIPT> <SLIDETRANSITION> Let’s have a look at the next agenda item. </SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION> Solicitud de autenticación de inicio de sesión para SQL Server Establezca las credenciales de inicio de sesión; Autorice contra EP Cambie a una base de datos y autorice el acceso Establezca un contexto de la base de datos Intente realizar una acción Verifique los permisos para todas las acciones

Autenticación y política de contraseña basado en punto final Separación del esquema del usuario Contexto de ejecución del módulo Permisos granulares <SLIDETITLE>Agenda</SLIDETITLE> <KEYWORDS>Agenda</KEYWORDS> <KEYMESSAGE> This is the next agenda item. </KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> We will now look at endpoints and the integration of Windows password policy. </SLIDESCRIPT> <SLIDETRANSITION> Firstly endpoints. </SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION>

Autenticación y política de contraseña basadas en punto final Puntos finales de SQL Server 2005
Punto de entrada a una instancia de SQL Server Configurable para múltiples transportes Protocolo de transporte de hipertexto (HTTP) Memoria compartida (SM) Canalización nombrada (NP) Protocolo del control de permisos (TCP) Adaptador de interfaz virtual (VIA) Vista del catálogo Sys.endpoints <SLIDETITLE>SQL Server 2005 Endpoints</SLIDETITLE> <KEYWORDS>Endpoint</KEYWORDS> <KEYMESSAGE>Introduce endpoints.</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> Endpoints are a point of entry to a SQL Server and as such, access to them should be restricted. Endpoints can be created for multiple transports as listed on the slide. The SQL Server endpoints for a system can be seen in the sys.endpoints catalog view. </SLIDESCRIPT> <SLIDETRANSITION> Some endpoint configuration is automatic. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Autenticación y política de contraseña basadas en punto final Configurar puntos finales
Todos los protocolos de transporte excepto HTTP Punto final predeterminado creado para todos los protocolos habilitados en inicio CONECTE los permisos asignados a los inicios de sesión autenticados Los permisos se pueden configurar sobre una base por punto final {GRANT|DENY|REVOKE} CONNECT ON ENDPOINT:: <EndPointName> TO <login> <SLIDETITLE>Configuring Endpoints</SLIDETITLE> <KEYWORDS>Endpoint</KEYWORDS> <KEYMESSAGE>Explain automatic endpoint creation..</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> By default endpoints are created for TCP, shared memory, named pipes and the virtual interface adapter if the protocol is enabled when SQL Server starts up. By default, all logins are granted connect permissions on these endpoints, though this behavior can be configured by granting, denying or revoking the connect permission on the endpoint. </SLIDESCRIPT> <SLIDETRANSITION> Default configuration for HTTP endpoints is different to that of the other protocols. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Autenticación y política de contraseña basadas en punto final Puntos finales de HTTP
Beneficios del soporte HTTP nativo Soporte a protocolos en toda la industria Puertos abiertos limitados en los firewalls Puntos finales de HTTP Los puntos finales se deben crear explícitamente Sin permisos por predeterminación Requiere Windows Server 2003 (HTTP.sys) pero no Internet Information Services (IIS) <SLIDETITLE>HTTP Endpoints</SLIDETITLE> <KEYWORDS>HTTP; Endpoint</KEYWORDS> <KEYMESSAGE>Explain the differences with HTTP endpoints.</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> The use of HTTP endpoints is beneficial in a heterogeneous environment because the web services that can use them work independently of programming language and operating system. Access to a web service is provided over HTTP, making firewall configuration straightforward. HTTP endpoints are not created by default. They must be explicitly created and have access permissions assigned to them. HTTP endpoint support in SQL Server 2005 requires the use of HTTP.sys, available as part of Windows Server However, Internet Information Services is not required. </SLIDESCRIPT> <SLIDETRANSITION> Let's see how to create an HTTP endpoint. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Asigna la propiedad del punto final
Autenticación y política de contraseña basadas en punto final Crear un punto final de HTTP Asigna la propiedad del punto final CREATE ENDPOINT endPointName [AUTHORIZATION login] STATE = { STARTED | STOPPED | DISABLED } AS { TCP | HTTP } ( PATH = 'url' , PORTS = ({CLEAR | SSL} [,... n]) [ SITE = {'*' | '+' | 'webSite' },] [, CLEAR_PORT = clearPort ] [, SSL_PORT = SSLPort ] , AUTHENTICATION =({BASIC | DIGEST | INTEGRATED} [,...n]) [, AUTH_REALM = { 'realm' | NONE } ] [, DEFAULT_LOGON_DOMAIN = {'domain' | NONE } ] [, RESTRICT_IP = { NONE | ALL } ] [, COMPRESSION = { ENABLED | DISABLED } ] [,EXCEPT_IP = ({ <4-part-ip> | <4-part-ip>:<mask> } [,...n]) ) <SLIDETITLE>Creating an HTTP Endpoint</SLIDETITLE> <KEYWORDS>HTTP; Endpoint</KEYWORDS> <KEYMESSAGE>Show the security settings that can be configured when creating an HTTP endpoint.</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> When you create an HTTP endpoint there are a number of security settings that can be configured. First, the Authorization parameter assigns ownership of the endpoint. If nothing is specified the principal that executes the statement becomes the owner. </SLIDESCRIPT> <SLIDETRANSITION> The next parameter is…... </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Tipo de autenticación que se va a usar
Autenticación y política de contraseña basadas en punto final Crear un punto final de HTTP CREATE ENDPOINT endPointName [AUTHORIZATION login] STATE = { STARTED | STOPPED | DISABLED } AS { TCP | HTTP } ( PATH = 'url' , PORTS = ({CLEAR | SSL} [,... n]) [ SITE = {'*' | '+' | 'webSite' },] [, CLEAR_PORT = clearPort ] [, SSL_PORT = SSLPort ] , AUTHENTICATION =({BASIC | DIGEST | INTEGRATED} [,...n]) [, AUTH_REALM = { 'realm' | NONE } ] [, DEFAULT_LOGON_DOMAIN = {'domain' | NONE } ] [, RESTRICT_IP = { NONE | ALL } ] [, COMPRESSION = { ENABLED | DISABLED } ] [,EXCEPT_IP = ({ <4-part-ip> | <4-part-ip>:<mask> } [,...n]) ) Tipo de autenticación que se va a usar <SLIDETITLE>Creating an HTTP Endpoint</SLIDETITLE> <KEYWORDS>HTTP; Endpoint</KEYWORDS> <KEYMESSAGE>Show the security settings that can be configured when creating an HTTP endpoint.</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> The Authentication clause defines the authentication method that is used when clients access the endpoint. The parameter value can be; basic, digest, integrated or a comma separated list of a combination of these values. </SLIDESCRIPT> <SLIDETRANSITION> The next security configuration uses a combination of parameters. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Se utiliza en conjunto para restringir el acceso a punto final
Autenticación y política de contraseña basadas en punto final Crear un punto final de HTTP CREATE ENDPOINT endPointName [AUTHORIZATION login] STATE = { STARTED | STOPPED | DISABLED } AS { TCP | HTTP } ( PATH = 'url' , PORTS = ({CLEAR | SSL} [,... n]) [ SITE = {'*' | '+' | 'webSite' },] [, CLEAR_PORT = clearPort ] [, SSL_PORT = SSLPort ] , AUTHENTICATION =({BASIC | DIGEST | INTEGRATED} [,...n]) [, AUTH_REALM = { 'realm' | NONE } ] [, DEFAULT_LOGON_DOMAIN = {'domain' | NONE } ] [, RESTRICT_IP = { NONE | ALL } ] [, COMPRESSION = { ENABLED | DISABLED } ] [,EXCEPT_IP = ({ <4-part-ip> | <4-part-ip>:<mask> } [,...n]) ) <SLIDETITLE>Creating an HTTP Endpoint</SLIDETITLE> <KEYWORDS>HTTP; Endpoint</KEYWORDS> <KEYMESSAGE>Show the security settings that can be configured when creating an HTTP endpoint.</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> Restrict_IP and Except_IP are used together to specify allowed access to the endpoint. Restrict_IP can have a value of None or All. Except_IP can list IP addresses but is optional and can have no value. To configure that no IP addresses are denied access, except for a specified list of addresses that are, enter a value of None for Restrict_IP and specify a list of IP addresses for Except_IP. To configure that all IP addresses are denied access, except for a specified list of addresses that are not, enter a value of All for Restrict_IP and specify a list of IP addresses for Except_IP. None is the default for Restrict_IP so that no IP addresses are denied access. By default Except_IP has no value. </SLIDESCRIPT> <SLIDETRANSITION> Let's have a look at how SQL Server uses the Windows password policy. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION> Se utiliza en conjunto para restringir el acceso a punto final

Autenticación y política de contraseña basadas en punto final Política de contraseña en SQL Server 2005 Requiere Windows Server 2003 Autenticación Windows Inicio de sesión del usuario para Windows Política de contraseña para Windows reforzada Autenticación de SQL Server Inicio de sesión de SQL Server Política de contraseña de máquina local aplicada Política de dominio en un ambiente de dominio Vista del catálogo sys.sql_logins <SLIDETITLE>Password Policy in SQL Server 2005</SLIDETITLE> <KEYWORDS>SQL Server; Password; Policy</KEYWORDS> <KEYMESSAGE>Explain how SQL Server uses the Windows password policy.</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> When a Windows user is created, a password for that user must be configured. To maintain security Windows enables the configuration of a policy governing password acceptability. The major features of the policy are the required length of a password, password complexity and password expiration. SQL Server 2005 can use the Windows password policy of the local machine, or in a domain the domain policy, and enforce the same requirements for SQL Server logins. The sys.sql_logins catalog view enables an administrator to check that all passwords being used meet the policy requirements. </SLIDESCRIPT> <SLIDETRANSITION> Let's see how we can configure password policies. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Configuraciones de la política de contraseña
Autenticación y política de contraseña basadas en punto final Crear inicios de sesión <SLIDETITLE>Creating Logins</SLIDETITLE> <KEYWORDS>Password policy; creating login</KEYWORDS> <KEYMESSAGE>Explain how to use the Management Studio to create a SQL login using the Windows password policy..</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> New logins can be created in the SQL Server Management Studio. The administrator can create a new login and choose to apply the Windows password policy. If the Enforce password expiration option is enabled, the Enforce password policy option must also be enabled. </SLIDESCRIPT> <SLIDETRANSITION> The Windows password policy can also be applied when using CREATE LOGIN. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION> Configuraciones de la política de contraseña

Configuraciones de la política de contraseña
Autenticación y política de contraseña basadas en punto final Crear inicios de sesión CREATE LOGIN login_name { WITH < option_list1 > | FROM < sources > } < sources >::= WINDOWS [ WITH windows_options [,...] ] | CERTIFICATE certname | ASYMMETRIC KEY asym_key_name < option_list1 >::= PASSWORD = ' password ' [ HASHED ] [ MUST_CHANGE ] [ , option_list2 [ ,... ] ] < option_list2 >::= SID = sid | DEFAULT_DATABASE = database | DEFAULT_LANGUAGE = language | CHECK_EXPIRATION = { ON | OFF} | CHECK_POLICY = { ON | OFF} [ CREDENTIAL = credential_name ] < windows_options >::= DEFAULT_DATABASE = database Configuraciones de la política de contraseña <SLIDETITLE>Creating Logins</SLIDETITLE> <KEYWORDS>Password policy; creating login</KEYWORDS> <KEYMESSAGE>Explain how to use CREATE LOGIN to create a SQL login using the Windows password policy..</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> The CREATE LOGIN statement is new to SQL Server 2005, and replaces the sp_addlogin and sp_grantlogin stored procedures in previous releases. It has two parameters that enable the use of the Windows password policy. CHECK_EXPIRATION and CHECK_POLICY can both have values of ON or OFF. If CHECK_EXPIRATION is set to ON then CHECK_POLICY must also be set to ON. </SLIDESCRIPT> <SLIDETRANSITION> Let's see a demonstration of the use of Windows password policies with SQL Server 2005. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

demo Autenticación y política de contraseña basadas en punto final
Investigar las políticas de contraseñas de Windows Utilizar la interfaz gráfica para crear un inicio de sesión de SQL nuevo Utilizar Transact-SQL para un crear un inicio de sesión de SQL nuevo <SLIDETITLE>Demonstration: Endpoint Based Authentication and Password Policy.</SLIDETITLE> <KEYWORDS></KEYWORDS> <KEYMESSAGE></KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT>In this demonstration, I will show how to use the Windows password policy when creating SQL Server logins. </SLIDESCRIPT> <SLIDETRANSITION>Let’s look at some review questions</SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Encuesta: Está investigando diferentes métodos de acceso a su...
[Encuesta de opción múltiple de PlaceWare. Utilice PlaceWare > Editar propiedades de la diapositiva...Para editar.] TCP HTTP SM NP

Repaso Autenticación basada en punto final
Está investigando diferentes métodos de acceso a su SQL Server, ¿qué tipo de punto final no se crea automáticamente? TCP HTTP SM NP <SLIDETITLE>Review: Endpoint Base Authentication</SLIDETITLE> <KEYWORDS></KEYWORDS> <KEYMESSAGE>Review Answer</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT>The correct answer is 2. HTTP endpoints must be explicitly created. </SLIDESCRIPT> <SLIDETRANSITION>Let’s try another question</SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Encuesta: Usted necesita instalar SQL Server y hacerlo disponible para...
[Encuesta de opción múltiple de PlaceWare. Utilice PlaceWare > Editar propiedades de la diapositiva...Para editar.] Instalar en Windows 2000 e instalar IIS Instalar en Windows Server 2003 e Instalar IIS Instalar en Windows Server 2003 y utilizar la isntrucción CREATE ENDPOINT para crear un punto final de HTTP Instalar en Windows Server 2003 e instalar SQLXML 4.0

Repaso Autenticación basada en punto final
Usted necesita instalar SQL Server y hacerlo disponible para los clientes basados en HTTP. ¿Qué debe hacer? Instalar en Windows 2000 e instalar IIS Instalar en Windows Server 2003 e instalar IIS Instalar en Windows Server 2003 y utilizar la instrucción CREATE ENDPOINT para crear un punto final de HTTP Instalar en Windows Server 2003 e instalar SQLXML 4.0 <SLIDETITLE>Review: Endpoint Based Authentication.</SLIDETITLE> <KEYWORDS></KEYWORDS> <KEYMESSAGE>Review Answer</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT>The correct answer is 3. HTTP endpoints enable access for web based clients. Because HTTP endpoints use HTTP.sys they require Windows Server 2003 and must be explicitly created using CREATE ENDPOINT. </SLIDESCRIPT> <SLIDETRANSITION>We will now move on to the next agenda item.</SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Autenticación y política de contraseña basado en punto final Separación del esquema del usuario Contexto de ejecución del módulo Permisos granulares <SLIDETITLE>Agenda</SLIDETITLE> <KEYWORDS>Agenda</KEYWORDS> <KEYMESSAGE> This is the agenda for this session. </KEYMESSAGE> <SLIDEBUILDS>4</SLIDEBUILDS> <SLIDESCRIPT> The next item on the agenda is user schema separation. </SLIDESCRIPT> <SLIDETRANSITION> Let's have a look at the extended role that schemas play in SQL Server 2005 environments. </SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION>

Separación del esquema del usuario Introducción del esquema
Funcionalidad ampliada de versiones previas Espacio de nombre para objetos de la base de datos Los grupos de objetos no dependen de la propiedad Permisos otorgados en el esquema así como en los objetos individuales de la base de dato Los permisos otorgados en el esquema afectan los objetos de la base de datos del esquema Soltar a un usuario no requiere renombrar los objetos propiedad del usuario <SLIDETITLE>Schema Introduction.</SLIDETITLE> <KEYWORDS>Schema</KEYWORDS> <KEYMESSAGE> Explain the role of schemas with SQL Server 2005. </KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> In SQL Server 2005 databases, a schema is a container for database objects. The schema in which an object is defined is also part of the object namespace. The object namespace no longer includes object owners as it did in previous releases, providing greater flexibility when organizing database objects. Schemas are securables. A permission granted on a schema is inherited by the database objects within the schema. If necessary, permissions can be explicitly assigned at the schema scope and also at the object itself. For example, you could grant SELECT permission on the schema, and DENY SELECT permission on a specific table within the schema. The result is that the user has SELECT permission on all objects in the schema except the table on which you denied SELECT permission. However, if a user is denied access at the schema scope, they cannot access any objects that are members of the schema. Because the object namespace no longer includes the owner, if the owner changes it does not affect object access. </SLIDESCRIPT> <SLIDETRANSITION> Let's have a look at how schemas are assigned. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Separación del esquema del usuario Esquema predeterminado
Se puede asignar un esquema predeterminado cuando se crea un usuario de la base de datos <SLIDETITLE>Default Schema</SLIDETITLE> <KEYWORDS>Default; Schema.</KEYWORDS> <KEYMESSAGE> Explain how users are assigned a default schema. </KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> When a login is assigned database user permissions they can also be assigned a default schema. This can make it easier to manage users who commonly need to access a related set of objects. For example, the administrator can organize related tables, views, procedures, and so on that relate to a particular department into a schema and make that schema the default for each member of the department. This makes it easier for the administrator to organize object permissions and data retrieval and protection for the organization as a whole. </SLIDESCRIPT> <SLIDETRANSITION> Let's a have a look at the management of schemas.. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION> CREATE USER user_name [ FOR {LOGIN login_name | CERTIFICATE cert_name | ASYMMETRIC KEY asym_key_name } ] [ WITH DEFAULT_SCHEMA = schema_name ] Especifique el esquema predeterminado

Separación del esquema del usuario Administrar esquemas
CREAR UN ESQUEMA Crea un esquema Asigna propiedad del esquema Crea objetos de la base de datos como miembros del esquema ALTERAR EL ESQUEMA Cambie la propiedad del esquema Mueva los objetos de la base de datos entre esquemas SOLTAR ESQUEMA Elimina el esquema <SLIDETITLE>Managing Schemas.</SLIDETITLE> <KEYWORDS>Create schema; alter schema; drop schema.</KEYWORDS> <KEYMESSAGE> Explain the management of schemas. </KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> There are a number of SQL statements that can be used to manage schemas: CREATE SCHEMA is used to create schemas and assign ownership. When you use the statement you can also create database objects and include them as schema members. ALTER SCHEMA is used to change schema ownership and also to move database objects between schemas. DROP SCHEMA is used to remove a schema. </SLIDESCRIPT> <SLIDETRANSITION> Let's see how the object namespace is made up. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Separación del esquema del usuario Espacio de nombre del objeto
<SLIDETITLE>Object Namespace</SLIDETITLE> <KEYWORDS>Namespace; object</KEYWORDS> <KEYMESSAGE> Explain the database object namespace.. </KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> The object namespace includes four levels; server, database, schema, object. When defined in a request, each level is written separated by dot as shown on the slide. The search process automatically uses the default schema that is configured for the user, falling back to the built-in dbo schema if the object is not found in the user’s default schema. </SLIDESCRIPT> <SLIDETRANSITION> So how does the default schema affect data requests. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION> Ventas Cliente LON-SQL-01 AdventureWorks LON-SQL-01.AdventureWorks.Sales.Customer

Separación del esquema del usuario Acceder a los objetos de la base de datos
Ventas Cliente SELECT * FROM Customer <SLIDETITLE>Accessing Database Objects</SLIDETITLE> <KEYWORDS>Schema; access; objects; search</KEYWORDS> <KEYMESSAGE> Explain how default schemas affect a data search. </KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> When you make a request for data, it must include the namespace path to the object you require. The namespace path up to your default schema is automatically assumed by default. Therefore, if you request a table that is a member of your default schema you need only specify the table name. If the table is not found in the users default schema, SQL server 2005 will always search the built-in dbo schema before failing If you request a table in another schema but still in your default database you must specify the schema and table name. If the object is not in your default database you must specify the database name as well. Sys.database_principals and sys.schemas catalog views return information regard schema owners and default schemas. </SLIDESCRIPT> <SLIDETRANSITION> Schemas also make dropping users easier than with earlier versions. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION> SELECT * FROM JobCandidate dbo SELECT * FROM dbo.JobCandidate [ WITH DEFAULT_SCHEMA = Sales ] Candidato al puesto Vista del catálogo sys.database_principals Vista del catálogo sys.schemas

El propietario cambió a Caitlin
Separación del esquema del usuario Compatibilidad de la aplicación en versiones previas Propiedad de Celia SELECT CustomerID FROM Celia.Customer Aplic. <SLIDETITLE>Application Compatibility in Previous Versions.</SLIDETITLE> <KEYWORDS>User schema separation; ownership.</KEYWORDS> <KEYMESSAGE> Explain the benefits of user schema separation. </KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> In previous versions of SQL Server the object owner name is part of the object’s namespace. Applications use the namespace to access the object. If the owner of the object is changed the applications need to be rewritten. </SLIDESCRIPT> <SLIDETRANSITION> SQL Server 2005 addresses this problem. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION> Cliente El propietario cambió a Caitlin SELECT CustomerID FROM Celia.Customer Aplic. Cliente

El propietario cambió a Caitlin
Separación del esquema del usuario Compatibilidad de la aplicación con SQL Server 2005 Propiedad de Celia Ventas SELECT CustomerID FROM Sales.Customer Aplic. <SLIDETITLE>Application Compatibility with SQL Server 2005.</SLIDETITLE> <KEYWORDS>User schema separation; ownership.</KEYWORDS> <KEYMESSAGE> Explain the use of schema separation in SQL Server 2005. </KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> SQL Server 2005 does not use the name of the object owner in the objects namespace. The object namespace remains the same irrespective of changes in ownership maintaining application compatibility. </SLIDESCRIPT> <SLIDETRANSITION> Let's see a demonstration of schema separation. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION> Cliente El propietario cambió a Caitlin Ventas SELECT CustomerID FROM Sales.Customer Aplic. Cliente

demo Separación del esquema del usuario
Crear un esquema y asignar propiedad Utilizar espacios de nombre del objeto Cambiar la propiedad y la inercia del esquema <SLIDETITLE>Demonstration: SQL Server Management Studio</SLIDETITLE> <KEYWORDS></KEYWORDS> <KEYMESSAGE></KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT>In this demonstration, I will show how to use SQL Server Management Studio to perform some common tasks; registering a server to manage, creating a new database on that server, and adding a user to the database server. </SLIDESCRIPT> <SLIDETRANSITION>Let’s move on to the next item on the agenda</SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Autenticación y política de contraseña basado en punto final Separación del esquema del usuario Contexto de ejecución del módulo Permisos granulares <SLIDETITLE>Agenda</SLIDETITLE> <KEYWORDS>Agenda</KEYWORDS> <KEYMESSAGE> Introduce the next item on the agenda. </KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> We will now look at module execution context. </SLIDESCRIPT> <SLIDETRANSITION> Let’s have a look at the benefits of this feature. </SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION>

Contexto de la ejecución del módulo Introducción
Configure el contexto de ejecución de los módulos El que llama no requiere permisos Efectivo con una cadena de propiedad rota EJECUTAR COMO El que llama (predeterminado) Nombre del usuario (personaliza los permisos que se requieren) Uno mismo Propietario <SLIDETITLE>Introduction</SLIDETITLE> <KEYWORDS>Module; execution; context</KEYWORDS> <KEYMESSAGE> Explain the benefits of module execution context. </KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> Module execution context enables an administrator to create specific security contexts for the execution of code on the server. For example the administrator can create a procedure that reads or writes to a table and configure the security context that the procedure executes in. This means the caller of the procedure does not need to have the permissions to carry out the functions of the procedure , though they do need to have execute permissions for the procedure itself. The ability to specify the identity used by a code module such as a stored procedure ensures that callers can use the stored procedure to access data from underlying objects they have no permissions on, even when the ownership chain is broken. You specify the identity to be used by a code module with the EXECUTE AS clause of the appropriate CREATE statement. When specifying an identity with the EXECUTE AS clause, you can specify CALLER – the user calling the procedure, the name of a user whose security context the procedure will use, SELF – the user who created the procedure, or OWNER –the owner of the procedure. </SLIDESCRIPT> <SLIDETRANSITION> Let's take a look at this process. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Contexto de la ejecución del módulo Proceso de contexto de ejecución
DENY SELECT ON sales.customer TO Bill GRANT SELECT ON sales.customer TO Jane <SLIDETITLE>Execution Context Process.</SLIDETITLE> <KEYWORDS>Execution; context</KEYWORDS> <KEYMESSAGE> Explain the execution context process. </KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> A user has EXECUTE permissions on a procedure. The procedure executes and accesses a table in a database that the calling user does not have access to. Because the procedure has been configured to execute with a specific execution context, the table is accessed as the principal configured for the procedure, enabling the user to return the data without being given permissions, even when the ownership chain is broken. In the example shown here, John owns a table called sales.customer. Jane has been granted SELECT permission on this table, but Bill has been denied SELECT permission. Jane owns a stored procedure called GetCusts, which is configured to execute as OWNER. When Bill tries to query the sales.customer table directly, he is denied access. However, when he executes the GetCusts stored procedure, the procedures executes as Jane, returning the data to Bill. This approach does not allow an administrator to audit who is accessing the data as the security context is always the one configured for the procedure, but it can be a useful way to control access to data when you don’t want to grant permissions on base tables and views and you have broken ownership chains. The sys.sql_modules catalog view returns information about the security context of procedures. </SLIDESCRIPT> <SLIDETRANSITION> Let's see a demonstration of this process. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION> CREATE PROCEDURE GetCusts WITH EXECUTE AS OWNER AS SELECT * FROM sales.customer Bill Jane sales.customer (Propietario: John) Procedimiento almacenado (Propietario: Jane) Vista del catálogo sys.sql_modules

demo Contexto de ejecución del módulo
Utilizar el contexto de ejecución del módulo <SLIDETITLE>Demonstration: Module Execution Context</SLIDETITLE> <KEYWORDS></KEYWORDS> <KEYMESSAGE></KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT>In this demonstration, we will show the use of module execution context. </SLIDESCRIPT> <SLIDETRANSITION>Let’s look at some review questions.</SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Encuesta: Cuando cambia el propietario de un objeto, este cambia el ...
[Encuesta de opción múltiple de PlaceWare. Utilice PlaceWare > Editar propiedades de la diapositiva...Para editar.] Verdadero Falso

Repaso Separación del esquema del usuario
¿Cuándo cambia el propietario de un objeto, este cambia el espacio de nombre para ese objeto? Verdadero Falso <SLIDETITLE>Review: User Schema Separation</SLIDETITLE> <KEYWORDS></KEYWORDS> <KEYMESSAGE>Review Answer</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT>The correct answer is FALSE. The object owner is no longer part of the object namespace. </SLIDESCRIPT> <SLIDETRANSITION>Let’s try another question.</SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Encuesta: ¿Qué instrucción se utiliza para ejecutar un módulo como alguien...
[Encuesta de opción múltiple de PlaceWare. Utilice PlaceWare > Editar propiedades de la diapositiva...Para editar.] EXECUTE AS EXECUTE USER EXECUTE RUNAS

Repaso Contexto de la ejecución del módulo
¿Qué instrucción se utiliza para ejecutar un módulo como alguien que no sea el que llama? EXECUTE AS EXECUTE USER EXECUTE RUNAS <SLIDETITLE>Review: Module Execution Context.</SLIDETITLE> <KEYWORDS></KEYWORDS> <KEYMESSAGE>Review Answer</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT>The correct answer is 1. EXECUTE AS enables an administrator to specify the execution context of the module. </SLIDESCRIPT> <SLIDETRANSITION>Now let’s move on to the final topic of this session.</SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Autenticación y política de contraseña basado en punto final Separación del esquema del usuario Contexto de ejecución del módulo Permisos granulares <SLIDETITLE>Agenda</SLIDETITLE> <KEYWORDS>Agenda</KEYWORDS> <KEYMESSAGE> Introduce the next agenda item. </KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> The last agenda item covers granular permissions. </SLIDESCRIPT> <SLIDETRANSITION> Let's have a look at permissions in SQL Server 2005. </SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION>

Permisos granulares Introducción
Asegurables ordenados en una jerarquía Herencia de permisos Todos los objetos tienen permisos asociados Principal de menor privilegio <SLIDETITLE>Introduction.</SLIDETITLE> <KEYWORDS>Permissions.</KEYWORDS> <KEYNESSAGE>Explain the use of permissions in SQL Server 2005.</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> Securables in SQL Server 2005 are arranged in a hierarchy, from server to database to schema to object. Relevant permissions that are assigned higher up the hierarchy are inherited by any securables lower down. For example, EXECUTE permissions granted at the database level will affect all schemas, assuming the permission is not specifically denied lower down the hierarchy. The permissions hierarchy in SQL Server 2005 is more granular than in previous releases. All objects in the system have associated permissions, making it possible to implement flexible security policies. For example, you could assign CONTROL permission on all login objects that relate to users in a specific department to the login for the department supervisor; effectively delegating the administration of those logins. At the database level, you can assign individual permissions on all objects to users or database roles. This approach allows you to assign custom permission sets when the default permissions for the built-in server or database roles are inappropriate. The granular permissions hierarchy in SQL Server 2005 enables administrators to follow the principal of least privilege; assigning only the permissions necessary for each principal to carry out their role. </SLIDESCRIPT> <SLIDETRANSITION> Permissions can be assigned at multiple levels or scopes. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Permisos granulares Enfoque del permiso
Enfoque del servidor El otorgamiento de permisos se debe asignar en la base de datos Maestra Permisos específicos para cada asegurable Enfoque de la base de datos Puede asignar permisos específicos a un rol personalizado Permite a los principales ejecutar tareas dentro de la base de datos Otorgar permisos se debe asignar en la base de datos containing y en el asegurable al cual aplican los permisos Enfoque del esquema Se utiliza para agrupar objetos de la base de datos Asigna permisos al esquema para afectar a los miembros del esquema <SLIDETITLE>Permission Scopes.</SLIDETITLE> <KEYWORDS>Permission scopes; server; database; schema.</KEYWORDS> <KEYMESSAGE>Explain the configuration of permission scopes.</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> Permission scopes separate the SQL Server environment into different, configurable areas of access. Each scope contains securables specific to that scope. The highest level is the server scope. The server scope contains securables that effect the server as a whole, such as; logins, HTTP endpoints, certificates, event notifications and databases. Any permissions that are granted at the server scope must be assigned in the Master database. The server scope contains the database scope. Permissions at the database scope allow principals to execute tasks within the database. Permissions must be assigned in the database to which the permissions apply and the principals must be database users. Securables at the database level include; users, roles, assemblies, full-text catalogs and schemas. The database scope contains the schema scope. The schema scope contains the database objects. Some permissions, such as SELECT, assigned at the schema level effect the objects contained by the schema. Securables at the schema level include; tables, views, functions, procedures, queues and types. Relevant permissions can be inherited from scope to scope. For example SELECT assigned at the database scope will imply SELECT at schema scope which will, in turn, imply SELECT on all database objects. To change this inheritance process specific permissions can be assigned on the schema or object. The implementation of these permission scopes enables an administrator to implement a secure, robust environment where permissions are specific to the requirement of the principal. </SLIDESCRIPT> <SLIDETRANSITION> Let's have a look at the server scope. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Permisos granulares Enfoque del servidor
<SLIDETITLE>Server Scope.</SLIDETITLE> <KEYWORDS>Permissions; Server scope</KEYWORDS> <KEYMESSAGE>Explain permissions at the server scope.</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> Specific permissions can be assigned to principals for specific objects., allowing them to carry out their assigned tasks. This removes the need to assign default server roles, such as sysadmin, that provide additional permissions that are not required. Server permissions can be viewed in the sys.server_permissions catalog view. </SLIDESCRIPT> <SLIDETRANSITION> Let's have a look at the database scope. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION> GRANT CONTROL ON LOGIN::Tom TO Fred Controla el permiso en el inicio de sesión individual OTORGAR (GRANT) permisos en asegurables individuales cuando los permisos del rol predeterminados del servidor inapropiados Vistas del catálogo sys.server_permissions

Permisos granulares Enfoque de la base de datos
Ventas Sales.AddOrder Cuentas <SLIDETITLE>Database Scope.</SLIDETITLE> <KEYWORDS>Permissions; Database scope.</KEYWORDS> <KEYMESSAGE>Explain permissions at the database scope.</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> Permissions assigned at the database scope can be specific to an object within the scope or assigned on the database. Permissions assigned on the database can affect all schema objects within the database. Database permissions can be viewed in the sys.database_permissions catalog view. </SLIDESCRIPT> <SLIDETRANSITION> Let's have a look at the schema scope. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION> Accounts.AddAcct GRANT EXECUTE TO Jim RRHH Permisos heredados en toda la base de datos HR.ViewEmps Vista del catálogo sys.database_permissions

Permisos granulares Enfoque del esquema
sales.customers Ventas <SLIDETITLE>Schema Scope.</SLIDETITLE> <KEYWORDS>Permissions; Schema scope.</KEYWORDS> <KEYMESSAGE>Explain permissions at the schema scope.</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> Permissions assigned at the schema scope can be specific to an object within the scope or assigned on the schema. Permissions assigned at the schema level can effect all relevant member objects. </SLIDESCRIPT> <SLIDETRANSITION> Finally Let's have a look at the objects themselves. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION> sales.accounts GRANT SELECT ON SCHEMA::Sales TO Mary Permisos heredados en todo el esquema sales.figures

Permisos granulares Objetos individuales
sales.customers <SLIDETITLE>Individual Objects.</SLIDETITLE> <KEYWORDS>Permissions; Database objects.</KEYWORDS> <KEYMESSAGE>Explain permissions for individual objects.</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> Permissions assigned to the individual objects are specific to that object. If a permission is assigned to an object, the permission is enabled at the database and schema scope unless there is a specific deny assigned at either level. </SLIDESCRIPT> <SLIDETRANSITION> Let's see a demonstration of granular permissions. </SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION> sales.accounts GRANT SELECT ON sales.accounts TO Joe Sales.accounts Permisos sólo para un objeto en específico sales.figures

demo Permisos granulares
Asignar permisos en el enfoque de la base de datos Asignar permisos en el enfoque esquema Asignar permisos en múltiples enfoques <SLIDETITLE>Demonstration: Granular Permissions.</SLIDETITLE> <KEYWORDS></KEYWORDS> <KEYMESSAGE>.</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> This demonstration shows the use of granular permissions. </SLIDESCRIPT> <SLIDETRANSITION>Let’s look at some final review questions.</SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Encuesta: ¿Cuál de las siguientes es una opción al configurar p...
[Encuesta de opción múltiple de PlaceWare. Utilice PlaceWare > Editar propiedades de la diapositiva...Para editar.] CHECK_COMPLEX CHECK_SIMPLE CHECK_LENGTH CHECK_EXPIRATION

Repaso de la sesión ¿Cuál de las siguientes es una opción al configurar políticas de contraseña para los inicios de sesión de SQL? CHECK_COMPLEX CHECK_SIMPLE CHECK_LENGTH CHECK_EXPIRATION <SLIDETITLE>Session Review.</SLIDETITLE> <KEYWORDS></KEYWORDS> <KEYMESSAGE>Review Answer</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT>The correct answer is 4. The options when configuring password policies for SQL logins are; CHECK_EXPIRATION and CHECK_POLICY. </SLIDESCRIPT> <SLIDETRANSITION>Let’s try one more question.</SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Encuesta: El contexto de la ejecución del módulo permite que un administrador con...

Repaso de la sesión El contexto de la ejecución del módulo permite que un administrador controle el acceso a los datos? Verdadero Falso <SLIDETITLE>Session Review.</SLIDETITLE> <KEYWORDS></KEYWORDS> <KEYMESSAGE>Review Answer</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT>The correct answer is TRUE. Module execution context controls access to data because the administrator does not need to assign all users who need access to the data permission to do so. </SLIDESCRIPT> <SLIDETRANSITION>Let’s try another question.</SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Encuesta: Los permisos granulares permiten que un administrador asigne...

Repaso de la sesión Los permisos granulares permiten que un administrador asigne permisos específicos para los principales en los asegurables individuales. Verdadero Falso <SLIDETITLE>Session Review.</SLIDETITLE> <KEYWORDS></KEYWORDS> <KEYMESSAGE>Review Answer</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT>The correct answer is TRUE. An administrator can assign specific permissions rather than roles. </SLIDESCRIPT> <SLIDETRANSITION>We will finish by summarizing this session</SLIDETRANSITION> <ADDITIONALINFORMATION> <ITEM></ITEM> </ADDITIONALINFORMATION>

Resumen de la sesión El modelo de seguridad incluye principales, permisos y asegurables Los puntos finales de HTTP permiten un acceso seguro sobre HTTP Políticas de contraseña de inicio de sesión de SQL El propietario del objeto ya no es más parte del espacio de nombre del objeto El contexto de ejecución del módulo permite un acceso controlado a los datos Los permisos granulares permiten que un administrador implemente una jerarquía de permisos haciendo el ambiente más seguro y más fácil de administrar. <SLIDETITLE>Summary</SLIDETITLE> <KEYWORDS>Summary</KEYWORDS> <KEYMESSAGE>These are the important items to remember from this session.</KEYMESSAGE> <SLIDEBUILDS>3</SLIDEBUILDS> <SLIDESCRIPT> The important things to remember from this session are: The security module uses permissions to control access to securables by principals. HTTP endpoint enable access to data via web services providing greater flexibility. Password policies can now be enforced for SQL logins. This maintains server and data security. User schema separation means that the owner of an object is no longer part of the namespace. This improves application compatibility and enables a robust data environment. Module execution context enables control over the number of principals who require permissions on securables. Granular permissions enable an administrator to be specific in the permissions that are assigned to users and therefore create a security environment of least privilege. </SLIDESCRIPT> <SLIDETRANSITION>To get more information on the products and technologies we have covered today, we have some online resources available</SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION>

Pasos a seguir Información del producto SQL Server 2005:
Actualice sus habilidades de administración de bases de datos a SQL Server 2005: Difusión por el Web de SQL Server 2005 en MSDN: Learn more about the next-generation data management and analysis software from Microsoft. Take these three-day instructor-led Beta 2 training courses from Microsoft Learning designed to help you upgrade your knowledge and skills to SQL Server 2005. Attend these additional live and on-demand webcasts from MSDN and ensure your skills and knowledge up to date.

Para mayores informes…
Visite TechNet en Para obtener información adicional sobre los libros, cursos y otros recursos de la comunidad que respalden esta sesión visite <SLIDETITLE>More Information</SLIDETITLE> <KEYWORDS></KEYWORDS> <KEYMESSAGE></KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> For the most comprehensive technical information on Microsoft products visit the main TechNet Web site at Additionally visit for more concise information on books, courses, certifications and other community resources that related directly to this particular session. </SLIDESCRIPT> <SLIDETRANSITION> What other resources are available from Microsoft?</SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION>

Serie de las difusiones por el Web: SQL Server 2005 – ¡Prepárese!
¿Lunes, 9:00 A.M. hora del Pacífico durante 10 semanas! del 21 de marzo al 18 de mayo, 2005 Microsoft SQL Server 2005 está en camino, e incluirá mejoras importantes en el rendimiento, disponibilidad, seguridad y el conjunto más poderoso y flexible de herramientas de productividad DBA que hayamos entregado jamás. Al utilizar presentaciones interactivas y demos en vivo del producto, lo guiaremos a través de todas las funciones y mejoras principales integradas en SQL Server 2005 para darle un gran inicio en sus planes de integrar estos beneficios en su organización. Bono: ¡Asista a una difusión por el Web en esta serie y envíe una evaluación, recibirá una copia de la versión más reciente de la versión en desarrollo del software de SQL Server 2005 en CD! Además, ¡asista a cualquier difusión por el Web en vivo de Microsoft durante junio y podrá ganar un Centro de medios portátil!

<SLIDETITLE>Tag line</SLIDETITLE>
<KEYWORDS></KEYWORDS> <KEYMESSAGE></KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT></SLIDESCRIPT> <SLIDETRANSITION></SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION>

Microsoft Press Información interna para profesionales de informática
<SLIDETITLE>MS Press</SLIDETITLE> <KEYWORDS>MS Press</KEYWORDS> <KEYMESSAGE>Here are some relevant MS Press books.</KEYMESSAGE> <SLIDEBUILDS>1</SLIDEBUILDS> <SLIDESCRIPT> You can find some informative books on the MS Press website, such as: Introducing Microsoft SQL Server 2005 For Developers, Peter DeBetta. Get a first look at the programming enhancements in SQL Server This book covers many topics, including how you can work seamlessly with Microsoft Visual Studio tools and the Microsoft .NET common language runtime from within SQL Server. You’ll also explore Transact-SQL (T-SQL) language advances, native XML support, a new security model, and other features Microsoft SQL Server 2000 Administrator’s Companion, Marci Frohock Garcia, Jamie Reding, Edward, Whalen, Steve Adrien DeLuca. For SQL 2000 reference, this comprehensive, easy-to-read guide that saves time by providing all the facts you need to deploy, administer, and support SQL Server 2000 in organizations of any size. </SLIDESCRIPT> <SLIDETRANSITION>There are also a number of good books from other publishers</SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION> Para encontrar los títulos más recientes, visite

Publicaciones de terceros Complementarias para profesionales de informática
<SLIDETITLE>Third Party Books</SLIDETITLE> <KEYWORDS>Third Party Books</KEYWORDS> <KEYMESSAGE>Here are some useful third party books</KEYMESSAGE> <SLIDEBUILDS>1</SLIDEBUILDS> <SLIDESCRIPT> Check your favorite bookseller for these titles: Microsoft SQL Server 2005 New Features, Michael Otey. Get full details on all the innovative features and benefits available in SQL Server This authoritative guide explains the new and improved enterprise data management capabilities, developer functions, and business intelligence tools A First Look at SQL Server 2005 for Developers, Bob Beauchemin, Niels Berglund, Dan Sullivan. Written for application and database developers who want to get a heads up, this book describes the new technologies being added to SQL server 2005, the problems they are intended to solve, and the entirely new data models they represent </SLIDESCRIPT> <SLIDETRANSITION>Microsoft also has instructor led courses if you prefer the classroom style environment.</SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION> Estos libros se pueden encontrar y adquirir en todas las librerías de prestigio y con los proveedores en línea

Microsoft Learning Recursos de capacitación para profesionales de informática
Título Disponible 2733 Actualizar sus habilidades de administración de bases de datos a Microsoft SQL Server 2005 Ahora 2734 Actualizar sus habilidades de desarrollo de bases de datos a Microsoft SQL Server 2005 <SLIDETITLE>Microsoft Learning</SLIDETITLE> <KEYWORDS></KEYWORDS> <KEYMESSAGE>Talk about the E-Learning Course</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> Microsoft Learning (formerly MS Training & Certification and MS Press) develops courseware called Microsoft Official Curriculum (MOC), which includes eLearning, MS Press Books, Workshops, Clinics, and Microsoft Skills Assessment. MOC is offered in instructor-led environments; it offers comprehensive training courses for IT professionals, support, and implementation solutions using Microsoft products and technologies. The courses that best support this session are Updating Your Database Administration Skills to Microsoft SQL Server 2005 and Updating Your Database Development Skills to Microsoft SQL Server 2005, which are both available now. For more information please visit </SLIDESCRIPT> <SLIDETRANSITION>There is also an assessment program available that can help you test you knowledge. </SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION> Para ver el programa detallado o para encontrar un proveedor de capacitación, visite

Evaluar su Preparación Evaluación de habilidades de Microsoft
¿Qué es la evaluación de habilidades de Microsoft? Una herramienta de aprendizaje de auto estudio para evaluar la preparación respecto a las soluciones de productos y tecnología, en lugar de roles de trabajo (certificación) Windows Server 2003, Exchange Server 2003, Windows Storage Server 2003, Visual Studio .NET, Office 2003 Sin costo, en línea, sin supervisión y disponibles para cualquiera Responde a la pregunta: “¿Estoy listo?” Determina las diferencias en habilidades y proporciona planes de estudio con cursos de Microsoft Official Curriculum Coloque su Calificación más alta para ver cómo se compara con los demás visite <SLIDETITLE>Skills assessment</SLIDETITLE> <KEYWORDS>Assessment, Microsoft Learning, Certification</KEYWORDS> <KEYMESSAGE>Microsoft Learning provides a free online learning tool</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> Microsoft Skills Assessment is a free online learning tool. It’s an easy way for IT professionals to check their skills for implementing or managing Microsoft product or business solutions. Just take a short, 30 question assessment and see how well you know your stuff. The Skills Assessment includes a Personalized Learning Plan, which includes links to Microsoft Official Curriculum, specific TechNet articles, Press books, and other Microsoft learning content. There’s also a way to measure how well you did compared with others who took the same assessment. Microsoft Skills Assessment is an expanding learning platform. Available now are assessments for Windows Server 2003 including security and patch management, Exchange Server 2003, Windows Storage Server, Office 2003, and Visual Studio .NET. </SLIDESCRIPT> <SLIDETRANSITION>If you want to take your skills assessment to the next level, there are a number of Certification programs available.</SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION>

Conviértase en un Microsoft Certified Systems Administrator (MCSA)
¿Qué es la certificación MCSA? Para los Profesionales de informática que manejan y mantienen redes y sistemas basados en Microsoft Windows Server ¿Cómo me convierto en un MCSA de Microsoft Windows Server 2003? Apruebe 3 exámenes básicos Apruebe un examen opcional o dos certificaciones CompTIA ¿Dónde obtengo mayores informes? <SLIDETITLE> MCSA Certification </SLIDETITLE> <KEYWORDS>MSCA, Microsoft Learning, Certification</KEYWORDS> <KEYMESSAGE>Prove your skills administering a Windows Environment</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> The Microsoft Certified Systems Administrator (MCSA) certification is designed for professionals who implement, manage, and troubleshoot existing network and system environments based on Microsoft Windows® Server Implementation responsibilities include installing and configuring parts of the systems while management responsibilities include administering and supporting the systems. For more information about the MCSA certification, please visit: </SLIDESCRIPT> <SLIDETRANSITION>The MCSE Certification is also available. </SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION>

Conviértase en un Microsoft Certified Systems Engineer (MCSE)
¿Qué es la certificación MCSE? Certificación Premier para los Profesionales de informática que analizan los requisitos, diseñan, planean e implementan la infraestructura para las soluciones empresariales con base en Microsoft Windows Server System ¿Cómo me convierto en un MCSE de Windows Server 2003? Apruebe 6 exámenes básicos Apruebe un exámen opcional de una lista completa ¿Dónde obtengo mayores informes? <SLIDETITLE> MCSE Certification </SLIDETITLE> <KEYWORDS>MSCE, Microsoft Learning, Certification</KEYWORDS> <KEYMESSAGE>Prove your skills at designing, planning and implementing the Windows Server System</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> The Microsoft Certified Systems Engineer (MCSE) credential is the premier certification for professionals who analyze the business requirements and design, plan, and implement the infrastructure for business solutions based on the Microsoft Windows Server System integrated server software. Implementation responsibilities include installing, configuring, and troubleshooting network systems. For more information about the MCSE certification, please visit: <SLIDETRANSITION>This event is presented to you by TechNet. So what is TechNet?. </SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION>

Suscripciones a TechNet ¿Ya se enteró de lo más reciente?
¡Software sin límites de tiempo! El software para evaluación de la versión completa proporciona una mayor flexibilidad a los suscriptores a TechNet Plus. Soporte técnico complementario. Los dos incidentes gratuitos de soporte técnico que se incluyen con todas las suscripciones a TechNet Plus le ahorran tiempo al resolver problemas de misión crítica. Tenga a la mano los recursos más actuales. Evalúe, implemente y brinde soporte a las soluciones de Microsoft, que se ofrecen mensualmente en CD o en DVD, sin depender de una conectividad a Internet ni de los firewalls. <SLIDETITLE> TechNet Subscription </SLIDETITLE> <KEYWORDS>Technet</KEYWORDS> <KEYMESSAGE>TechNet Plus has some new benefits</KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT> Many of you may be familiar with the Microsoft TechNet events and the Web site, but have you heard the news about valuable benefits for TechNet Plus subscribers? Developed in response to customer feedback, TechNet Plus v2.0 is the most convenient and reliable source for evaluating, managing, and supporting Microsoft products. With TechNet Plus you can: Evaluate Microsoft software without time limits. This is a huge benefit and allows IT pros to try products such as Microsoft Office System and Windows Server System software without the worry of timing-out. Save time resolving mission-critical systems issues. TechNet Plus subscriptions include two complimentary technical support incidents to help IT pros resolve mission-critical issues fast. And, in countries where pay-per-incident support is offered, TechNet Plus subscribers receive a 20% discount on any additional support calls. TechNet Plus ensures there are resources available to address your technical issues, and that you have the most current resources on hand for evaluating, implementing, and supporting Microsoft solutions. For details on this visit </SLIDESCRIPT> <SLIDETRANSITION>TechNet also provides a number of community resources</SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION>

¿En dónde puedo obtener ayuda?
Chats y difusiones por el Web gratuitos Lista de grupos de noticias Sitios de la comunidad de Microsoft Eventos de la comunidad Columna de la comunidad <SLIDETITLE>Community Help</SLIDETITLE> <KEYWORDS></KEYWORDS> <KEYMESSAGE>Where to get more help </KEYMESSAGE> <SLIDEBUILDS>0</SLIDEBUILDS> <SLIDESCRIPT>There are a number of community resources available on TechNet, all of them then free. You can attend a regular chat with members of the products groups or technology specialists from Microsoft or you can attend a Web cast where you can see sessions like the one you’ve just watched, but presented live and with the ability to ask questions as you go. You can also locate or post questions into the public newsgroups. The newsgroup page lists the available groups, plus provides an interface for you to read and post into. Those TechNet Plus subscribers can use these groups to post questions that through your subscription ID will be answered by Microsoft within 24 hours. The main community site provides a comprehensive list of resources available, more than we can cover on this slide, plus the page has some dynamic features with continually updating content. The events page provides dates and details where you can attend a TechNet event live. These events take places worldwide and provide you the opportunity to take to Microsoft specialists face-to-face. And finally, the TechNet Columns provide a variety of topics written by industry author. </SLIDESCRIPT> <SLIDETRANSITION>[Thanks the audience for attending and sign off]</SLIDETRANSITION> <ADDITIONALINFORMATION><ITEM></ITEM></ADDITIONALINFORMATION>

TNT4-05 <SLIDETITLE>Entry Slide</SLIDETITLE>

Presentaciones similares

Presentación del tema: "TNT4-05 <SLIDETITLE>Entry Slide</SLIDETITLE>"— Transcripción de la presentación:

Presentaciones similares

Sobre el proyecto

Feedback

Iniciar la sesión

Autorizarse a través de una red social:

TNT4-05 <SLIDETITLE>Entry Slide</SLIDETITLE>

Presentaciones similares

Presentación del tema: "TNT4-05 <SLIDETITLE>Entry Slide</SLIDETITLE>"— Transcripción de la presentación:

Presentaciones similares

Sobre el proyecto

Feedback