PrepAway - Latest Free Exam Questions & Answers

You administer a Microsoft SQL Server…

You administer a Microsoft SQL Server 2012 database.

You configure Transparent Data Encryption (TDE) on the Orders database by using the following statements:

CREATE MASTER KEY ENCRYPTION BY PASSWORD = MyPassword1!

CREATE CERTIFICATE TDE_Certificate WITH SUBJECT = TDE Certificate;

BACKUP CERTIFICATE TDE_Certificate TO FILE = d:\TDE_Certificate.cer

WITH PRIVATE KEY (FILE = D:\TDE_Certificate.key,

ENCRYPTION BY PASSWORD = MyPassword1!);

CREATE DATABASE ENCRYPTION KEY

WITH ALGORITHM = AES_256

ENCRYPTION BY SERVER CERTIFICATE TDE_Certificate;

ALTER DATABASE Orders SET ENCRYPTION ON;

You attempt to restore the Orders database and the restore fails. You copy the encryption file to the original location.

A hardware failure occurs and so a new server must be installed and configured.

After installing SQL Server to the new server, you restore the Orders database and copy the encryption files to their original location. However, you are unable to access the database.

You need to be able to restore the database.

Which Transact-SQL statement should you use before attempting the restore?

A. ALTER DATABASE Master SET ENCRYPTION OFF;

B. CREATE CERTIFICATE TDE_Certificate FROM FILE = d:\TDE_Certificate.cer

WITH PRIVATE KEY (FILE = D:\TDE_Certificate.key,

DECRYPTION BY PASSWORD = MyPassword1!);

C. CREATE CERTIFICATE TDE_Certificate WITH SUBJECT = TDE Certificate; USE Orders;

CREATE DATABASE ENCRYPTION KEY

WITH ALGORITHM = AES_256

ENCRYPTION BY SERVER CERTIFICATE TDE_Certificate;

D. CREATE CERTIFICATE TDE_Certificate FROM FILE = d:\TDE_Certificate.cer;

Explanation:

The CREATE CERTIFICATE command adds a certificate to a database in SQL Server.

Creating a certificate from a file

The following example creates a certificate in the database, loading the key pair from files.

Code

Copy

USE AdventureWorks2012;

CREATE CERTIFICATE Shipping11

FROM FILE = c:\Shipping\Certs\Shipping11.cer

WITH PRIVATE KEY (FILE = c:\Shipping\Certs\Shipping11.pvk,

DECRYPTION BY PASSWORD = sldkflk34et6gs%53#v00);

GO

References: https://docs.microsoft.com/en-us/sql/t-sql/statements/create-certificate-transact-sql


Leave a Reply