question

dlineberry avatar image
dlineberry asked

2008 SQL Server Security Training

I am looking to send one of my dba's for training specifically in sql server security. I know many of the classes include some training in areas like creating users, database roles, etc. but what I am looking for is something more thorough than that. Basically I am looking for classes that are specifically geared to every facet of sql security, best practices, data intrusion prevention, data and database encryption, network data segmentation, defining security policies, security auditing, anything and everything. Does anyone have any suggestions for any classes we could look into?
sql-server-2008securitytraining
1 comment
10 |1200 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

where in the world are you?
1 Like 1 ·
DBArgenis avatar image
DBArgenis answered
See if you can get in touch with Bob Beauchemin at SQLSkills.com. He covers all those areas in his courses.
1 comment
10 |1200 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

The IE course Bob teaches that includes security is only 5 modules out of the total amount. ( http://www.sqlskills.com/T_ImmersionSecurityDevSupport.asp) Majority of his course is on development. They don't have an agenda up anymore but I believe of the 5 day course, this was all covered in 1 day.
0 Likes 0 ·
sp_lock avatar image
sp_lock answered
I know you said training, but this book from @mrdenny is a excellent read. Available from [amazon][1] [1]: http://www.amazon.com/Securing-SQL-Server-Protecting-Attackers/dp/1597496251/ref=ntt_at_ep_dpt_2
10 |1200 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Shawn_Melton avatar image
Shawn_Melton answered
You might want to check into training courses dealing with Comptia Security+ or CISSP courses. Those would get very detailed into general security best practices, outside of SQL Server context. Some of those topics are generalized to IT security so most SQL Server courses are not going to cover them that I am aware of.
10 |1200 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

K. Brian Kelley avatar image
K. Brian Kelley answered
The short answer is you're not going to find any security specific training for SQL Server. Denny Cherry, Don Kiely, and I do sessions at SQL Saturdays, SQL Connections, and the PASS Summit, but so far as I am aware, only one of us proposed a security pre-con for SQL Rally, but it wasn't picked by the community. Therefore, the best resources are books. There's Denny's book, mine (How to Cheat at Securing SQL Server 2005 from Syngress), Kevvie Fowler's SQL Server Forensics, and then the general stuff as Shawn mentioned. Given what you're asking, I would not waste my time on CISSP books or courses because those are considered management certs and too high level and conceptual for what you're looking for. Security+ is better, but probably the SANS GIAC curriculum is your best bet.
10 |1200 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

dlineberry avatar image
dlineberry answered
Thanks for all the responses. It sounds like everyone had the same responses I expected. As a matter of fact I am sending one of my other dba's to a sqlskills training in October. However, we did come across this course, http://www.verhoef-training.com/courses/SSSEC.html, I know it current says 2005 but we have spoken to them and they just have not updated their site and they do the same training only for 2008. Has anyone had any experience with this training company?
1 comment
10 |1200 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

I don't recognize the company name and can't access that link from work, but would be curious their excuse for not updating their website. I mean if you are going to be giving training and your website is the source of that information, it should be kept current (SQL 2008 has been out for how long now?). :)
0 Likes 0 ·

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.