Latest MCSE 70-462 Real Exam Download 31-40

QUESTION 31

You administer a Microsoft SQL Server 2012 database.

The database has a table named Customers owned by UserA and another table named Orders owned by

UserB.

You also have a stored procedure named GetCustomerOrderInfo owned by UserB.

GetCustomerOrderInfo selects data from both tables.

You create a new user named UserC. You need to ensure that UserC can call the GetCustomerOrderInfo stored procedure.

You also need to assign only the minimum required permissions to UserC.

Which permission or permissions should you assign to UserC? Choose all that apply.

A. The Select permission on Customers

B. The Execute permission on GetCustomerOrderInfo

C. The Take Ownership permission on Customers

D. The Control permission on GetCustomerOrderInfo

E. The Take Ownership permission on Orders

F. The Select permission on Orders

Correct Answer: AB

QUESTION 32

You administer a Microsoft SQL Server 2012 database named ContosoDb.

The database contains a table named Suppliers and a column named IsActive in the Purchases schema. You create a new user named ContosoUser in ContosoDb. ContosoUser has no permissions to the

Suppliers table.

You need to ensure that ContosoUser can delete rows that are not active from Suppliers.

You also need to grant ContosoUser only the minimum required permissions. Which Transact-SQL

statement should you use?

A. GRANT DELETE ON Purchases.Suppliers TO ContosoUser

B. CREATE PROCEDURE Purchases.PurgeInactiveSuppliers

WITH EXECUTE AS USER = ‘dbo’

AS

DELETE FROM Purchases.Suppliers WHERE IsActive = 0

GO

GRANT EXECUTE ON Purchases.PurgelnactiveSuppliers TO ContosoUser

C. GRANT SELECT ON Purchases.Suppliers TO ContosoUser

D. CREATE PROCEDURE Purchases.PurgeInactiveSuppliers

AS

DELETE FROM Purchases.Suppliers WHERE IsActive = 0

GO

GRANT EXECUTE ON Purchases.PurgeInactiveSuppliers TO ContosoUser

Correct Answer: B

QUESTION 33

You use a contained database named ContosoDb within a domain.

You need to create a user who can log on to the ContosoDb database.

You also need to ensure that you can port the database to different database servers within the domain without additional user account configurations.

Which type of user should you create?

A. User mapped to a certificate

B. SQL user without login

C. Domain user

D. SQL user with login

Correct Answer: C

QUESTION 34

You administer a Microsoft SQL Server 2012 database that has multiple tables in the Sales schema.

Some users must be prevented from deleting records in any of the tables in the Sales schema. You need to manage users who are prevented from deleting records in the Sales schema.

You need to achieve this goal by using the minimum amount of administrative effort. What should you do?

A. Create a custom database role that includes the users. Deny Delete permissions on the Sales schema for the custom database role.

B. Include the Sales schema as an owned schema for the db_denydatawriter role. Add the users to the db_denydatawriter role.

C. Deny Delete permissions on each table in the Sales schema for each user.

D. Create a custom database role that includes the users. Deny Delete permissions on each table in the

Sales schema for the custom database role.

Correct Answer: A

QUESTION 35

You are the lead database administrator (DBA) of a Microsoft SQL Server 2012 environment.

All DBAs are members of the DOMAIN\JrDBAs Active Directory group. You grant DOMAIN\JrDBAs access to the SQL Server.

You need to create a server role named SpecialDBARole that can perform the following functions: View all databases.

View the server state.

Assign GRANT, DENY, and REVOKE permissions on logins.

You need to add DOMAIN\JrDBAs to the server role.

You also need to provide the least level of privileges necessary.

Which SQL statement or statements should you use? Choose all that apply.

A. CREATE SERVER ROLE [SpecialDBARole] AUTHORIZATION setupadmin;

B. ALTER SERVER ROLE [SpecialDBARole] ADD MEMBER [DOMAIN\JrDBAs];

C. CREATE SERVER ROLE [SpecialDBARole] AUTHORIZATION securityadmin;

D. GRANT VIEW DEFINITION TO [SpecialDBARole];

E. CREATE SERVER ROLE [SpecialDBARole] AUTHORIZATION serveradmin;

F. GRANT VIEW SERVER STATE, VIEW ANY DATABASE TO [SpecialDBARole];

Correct Answer: BCF

QUESTION 36

You administer a Microsoft SQL Server 2012 database that has Trustworthy set to On.

You create a stored procedure that returns database-level information from Dynamic Management Views. You grant User1 access to execute the stored procedure.

You need to ensure that the stored procedure returns the required information when User1 executes the stored procedure.

You need to achieve this goal by granting the minimum permissions required. What should you do? (Each correct answer presents a complete solution. Choose all that apply.)

A. Create a SQL Server login that has VIEW SERVER STATE permissions.

Create an application role and a secured password for the role.

B. Modify the stored procedure to include the EXECUTE AS OWNER statement.

Grant VIEW SERVER STATE permissions to the owner of the stored procedure.

C. Create a SQL Server login that has VIEW SERVER STATE permissions.

Modify the stored procedure to include the EXECUTE AS {newlogin} statement.

D. Grant the db_owner role on the database to User1.
E. Grant the sysadmin role on the database to User1.

Correct Answer: BC

QUESTION 37

You are migrating a database named Orders to a new server that runs Microsoft SQL Server 2012.

You attempt to add the [Corpnet\User1] login to the database. However, you receive the following error message:

"User already exists in current database."

You need to configure the [Corpnet\User1] login to be able to access the Orders database and retain the original permissions.

You need to achieve this goal by using the minimum required permissions.Which Transact-SQL statement should you use?

A. DROP USER [User1];

CREATE USER [Corpnet\User1] FOR LOGIN [Corpnet\User1];

ALTER ROLE [db_owner] ADD MEMBER [Corpnet\User1];

B. ALTER SERVER ROLE [sysadmin] ADD MEMBER [Corpnet\User1];

C. ALTER USER [Corpnet\User1] WITH LOGIN [Corpnet\User1];

D. ALTER ROLE [db_owner] ADD MEMBER [Corpnet\User1];

Correct Answer: C

QUESTION 38

You administer a Microsoft SQL Server 2012 database. You configure Transparent Data Encryption (TDE)

on the Orders database by using the following statements:

CREATE MASTER KEY ENCRYPTION BY PASSWORD = ‘MyPassword1!’;

CREATE CERTIFICATE TDE_Certificate WITH SUBJECT = ‘TDE Certificate’;

BACKUP CERTIFICATE TDE_Certificate TO FILE = ‘d:\TDE_Certificate.cer’

WITH PRIVATE KEY (FILE = ‘d:\TDE_Certificate.key’, ENCRYPTION BY PASSWORD =

‘MyPassword1!’);

CREATE DATABASE ENCRYPTION KEY WITH ALGORITHM = AES_256

ENCRYPTION BY SERVER CERTIFICATE TDE_Certificate; ALTER DATABASE Orders SET ENCRYPTION ON;

You attempt to restore the Orders database and the restore fails.

You copy the encryption file to the original location. A hardware failure occurs and so a new server must be installed and configured.

After installing SQL Server to the new server, you restore the Orders database and copy the encryption files to their original location. However, you are unable to access the database.

You need to be able to restore the database.

Which Transact-SQL statement should you use before attempting the restore?

A. CREATE ASSEMBLY TDE_Assembly

FROM ‘d:\TDE_Certificate.cer’

WITH PERMISSION_SET = SAFE;

GO

CREATE CERTIFICATE TDE_Certificate

FROM ASSEMBLY TDE_Assembly;

B. CREATE CERTIFICATE TDE_Certificate

FROM EXECUTABLE FILE = ‘d:\TDE_Certificate.cer’

C. CREATE CERTIFICATE TDE_Certificate

FROM FILE = ‘d:\TDE_Certificate.cer’

WITH PRIVATE KEY (FILE = ‘d:\TDE_Certificate.key’, DECRYPTION BY PASSWORD

‘MyPassword1!’);

D. DECLARE @startdate date

SET @startdate = GETDATE()

CREATE CERTIFICATE TDE_Certificate

FROM FILE = ‘d:\TDE_Certificate.cer’

WITH START_DATE = @startdate;

Correct Answer: C

QUESTION 39

You administer a Microsoft SQL Server 2012 database.

You provide temporary securityadmin access to User1 to the database server.

You need to know if User1 adds logins to securityadmin. Which server-level audit action group should you use?

A. SERVER_STATE_CHANGE_GROUP

B. SERVER_PRINCIPAL_IMPERSONATION_GROUP
C. SUCCESSFUL_LOGIN_GROUP

D. SERVER_ROLE_MEMBER_CHANGE_GROUP

Correct Answer: D

QUESTION 40

You administer a Microsoft SQL Server 2012 instance.

You need to stop a blocking process that has an SPID of 64 without stopping other processes. What should you do?

A. Execute the following Transact-SQL statement:

EXECUTE sp_KillSPID 64

B. Restart the SQL Server service.