DP-300: Administering Microsoft Azure SQL Solutions Certification Video Training Course
The complete solution to prepare for for your exam with DP-300: Administering Microsoft Azure SQL Solutions certification video training course. The DP-300: Administering Microsoft Azure SQL Solutions certification video training course contains a complete set of videos that will provide you with thorough knowledge to understand the key concepts. Top notch prep including Microsoft Azure Database DP-300 exam dumps, study guide & practice test questions and answers.
DP-300: Administering Microsoft Azure SQL Solutions Certification Video Training Course Exam Curriculum
Review prerequisites
-
1. Getting a free trial of Microsoft Azure6:00
-
2. Creating Azure SQL Database with sample data11:00
-
3. Installing SSMS, connecting to Azure SQL Database, and quick look around SSMS11:00
-
4. Review 6 principal clauses of the SELECT statement6:00
-
5. Review JOINs4:00
Optimize Query Performance
-
1. 69. validate data types defined for columns9:00
-
2. 66. identify data quality issues with duplication of data6:00
-
3. 67. identify normal form of database tables - Normal Forms 1 to 39:00
-
4. 67. identify normal form of database tables - Normal Forms 4 to 57:00
-
5. 58. determine the appropriate type of execution plan6:00
-
6. Different types of loops used in execution plans, and Scan and Seek6:00
-
7. 59. identify problem areas in execution plans7:00
Evaluate performance improvements
-
1. 63, 68. identify and implement index changes for queries11:00
-
2. 61. DMVs which gather query performance information6:00
-
3. 61, 62. determine the appropriate DMVs to gather performance information8:00
-
4. 64. recommend query construct modifications based on resource usage9:00
-
5. 65. assess the use of hints for query performance8:00
Plan and Implement Data Platform Resources
-
1. 1. deploy database offerings on selected platforms4:00
-
2. 2, 80. configure customized deployment templates8:00
-
3. 4, 5. evaluate requirements and functional benefits/impact for the deployment8:00
-
4. 6, 8. evaluate scalability and security aspects5:00
-
5. 7. HA/DR of the possible database offerings8:00
Configure Azure SQL Database resource for scale and performance
-
1. 9. configure Azure SQL Database for scale and performance5:00
-
2. 9, 53, 56. vCore-based purchasing model9:00
-
3. 9, 53, 56. DTU-based purchasing model, Server vs Serverless7:00
-
4. 9, 53, 56. Serverless/provisioned and elastic pools6:00
-
5. 9, 53, 56. Other Azure SQL Database configuration settings4:00
-
6. 12. calculate resource requirements, including Elastic pool requirements4:00
-
7. 13, 71. evaluate database partitioning techniques, such as database sharding11:00
-
8. 72. evaluate the use of compression for tables and indexes13:00
-
9. 14. set up SQL Data Sync12:00
Evaluate a strategy for migrating to Azure
-
1. 15, 16. evaluate requirements and strategies for the migration7:00
-
2. 19, 20. Azure Migrate3:00
-
3. 19, 20. SQL Server Migration Assistant (SSMA)5:00
-
4. 19, 20. Data Migration Assistant (DMA)7:00
-
5. 19, 20. Azure Database Migration Service (DMS)7:00
Configure database AuthN and AuthZ by using platform and database tools
-
1. 23. configure Azure AD authentication8:00
-
2. 24. create users from Azure AD identities8:00
-
3. 25, 113. configure security principals - roles9:00
-
4. 25, 113. configure security principals - GRANT/REVOKE/DENY4:00
-
5. 25, 113. configure security principals - individual permissions5:00
-
6. 25, 113. configure security principals - the ALL permission4:00
-
7. 114. configure permissions by using custom roles5:00
-
8. 27. apply principle of least privilege for all securables3:00
Implement security for data at rest and in transit
-
1. 28. implement Transparent Data Encryption (TDE)4:00
-
2. 29, 33. implement object-level encryption and Always Encrypted10:00
-
3. 29, 33. More about Always Encrypted9:00
-
4. Always Encrypted versus Transparent Data Encryption2:00
-
5. 30. implement Dynamic Data Masking8:00
-
6. 32. configure server and database-level firewall rules8:00
Implement compliance controls for sensitive data
-
1. 34. apply a data classification strategy6:00
-
2. 35. configure server and database audits9:00
-
3. 36. implement data change tracking - Change Tracking10:00
-
4. 36. implement data change tracking - Change Data Capture7:00
-
5. 37. perform a vulnerability assessment5:00
Monitor activity and performance
-
1. 38. prepare an operational performance baseline - Metrics Explorer5:00
-
2. 38. prepare an operational performance baseline - Other ways5:00
-
3. 77. create event notifications for Azure resources9:00
-
4. 39. determine sources for performance metrics5:00
-
5. 40. interpret performance metrics6:00
-
6. 41. assess database performance by using Intelligent Insights4:00
-
7. 42. configure and monitor activity and performance5:00
Implement performance-related maintenance tasks
-
1. 43, 50. implement index maintenance tasks8:00
-
2. 44. implement statistics maintenance tasks3:00
-
3. 45, 82. configure database auto-tuning and automate performance tuning5:00
-
4. 47. manage storage capacity5:00
-
5. 50, 105. assess growth/fragmentation and report on database free space5:00
Identify performance-related issues
-
1. 48, 60. Query Store - an introduction6:00
-
2. 48, 60. configure Query Store to collect performance data, extract query plans9:00
-
3. 49. identify sessions that cause blocking5:00
-
4. Isolation Levels6:00
-
5. 51. assess performance-related database configuration parameters6:00
-
6. 57. configure Intelligent Query Processing (IQP)10:00
Automate tasks and Perform backup and restore a database by using database tools
-
1. 46. What is Elastic Job Agent?6:00
-
2. 46. automate database maintenance tasks11:00
-
3. Full, differential and transaction log backups5:00
-
4. 89, 92. perform a database restore to a point in time - test DR6:00
-
5. 93. configure long-term backup retention4:00
Recommend an HADR strategy for a data platform solution
-
1. 84. recommend HADR strategy based on RPO/RTO requirements7:00
-
2. 86, 87. evaluate Azure-specific HADR solutions6:00
-
3. 94. configure replication - Active Geo-replication11:00
-
4. 88, 89, 96. configure auto-failover groups and test HA by using failover8:00
Perform Administration by Using T-SQL
-
1. 101. evaluate database health using DMVs - overall resource usage5:00
-
2. 101. evaluate database health using DMVs - other topics5:00
-
3. 102. evaluate server health using DMVs3:00
-
4. 103. perform database consistency checks by using DBCC8:00
-
5. 106. review database configuration options4:00
Introduction to Virtual Machines and Managed Instances (MI)
-
1. 4-8. Evaluating MIs and VMs based on specific requirements6:00
-
2. 10, 53, 56. configure Azure SQL Managed Instance for scale and performance5:00
-
3. More about Azure SQL Managed Instance5:00
-
4. Accessing Azure SQL Managed Instance in SSMS6:00
-
5. 11, 53, 56. configure SQL Server in Azure VMs for scale and performance - Part 17:00
-
6. 11, 53, 56. configure SQL Server in Azure VMs for scale and performance - Part 25:00
-
7. Logging into SQL Server on Azure Virtual Machines7:00
-
8. 52. Adding additional disks to the Azure Virtual Machine8:00
Upgrade strategy, configure database authentication, and filegroups
-
1. 17, 18. evaluate requirements and strategies for the upgrade5:00
-
2. 21, 22. implement an online and offline upgrade strategy7:00
-
3. 24, 112. create users from Azure AD identities (MIs and VMs)7:00
-
4. 111. manage certificates using T-SQL4:00
-
5. 26, 113. configure database and object-level permissions using graphical tools3:00
-
6. 25, 112, 114. configure security principals (MIs and VMs)7:00
-
7. 70, 104. recommend table and index storage including filegroups (MI and VMs)11:00
Evaluate and implement an alert and notification strategy
-
1. 76, 79. create event notifications based on metrics4:00
-
2. 75. configure notifications for task success/failure/non-completion5:00
-
3. 46, 73. manage schedules and automate maintenance jobs8:00
-
4. 78. create alerts for server configuration changes4:00
-
5. 77. split and filter event notifications for Azure resources3:00
Identify performance-related issues
-
1. 39. determine sources for performance metrics6:00
-
2. 43. implement index maintenance tasks (Database Engine Tuning Advisor)4:00
-
3. 42. Monitor activity using SQL Profile, Extended Events, Performance Dashboard8:00
-
4. 54. configure Resource Governor for performance (VM/MI)8:00
Create scheduled tasks
-
1. 3, 82. apply patches and updates for hybrid and IaaS deployment5:00
-
2. 31. implement Azure Key Vault and disk encryption for Azure VMs4:00
-
3. 74. configure multi-server automation4:00
-
4. 83. implement policies by using automated evaluation modes8:00
Perform backup and restore a database by using database tools - VMs
-
1. 81. automate backups4:00
-
2. 90. perform a database backup with options7:00
-
3. 108, 110. database (and transaction log) backups with options in T-SQL code7:00
-
4. 91, 92. perform a database restore with options12:00
-
5. 109. perform restore of user databases in T-SQL3:00
Recommend and test HA/DR strategies, and configure HA/DR
-
1. 94. configure replication - Transactional replication9:00
-
2. 85, 86, 87. evaluate HADR for hybrid and Azure-specific deployments8:00
-
3. Creating Virtual Machines for Failover Cluster and Always On Availability Group5:00
-
4. Connecting Virtual Machines to a Domain13:00
-
5. 100. Configure failover cluster instances on Azure VMs5:00
-
6. 107. Checking SQL Server Installation and preparing for AO6:00
-
7. 98. configure quorum options for a Windows Server Failover Cluster8:00
-
8. 95, 97. create an Availability Group6:00
-
9. 89, 97. Failover and integrate a database into an Always On Availability Group4:00
-
10. 99. configure an Always On Availability Group listener2:00
About DP-300: Administering Microsoft Azure SQL Solutions Certification Video Training Course
DP-300: Administering Microsoft Azure SQL Solutions certification video training course by prepaway along with practice test questions and answers, study guide and exam dumps provides the ultimate training package to help you pass.
Configure database AuthN and AuthZ by using platform and database tools
1. 23. configure Azure AD authentication
Hello. And in this section, we're going to start looking at how we can implement a secure environment. Now, as I said before, this course's DP 300 requirements don't go into a huge amount of detail as to the Azure security that you might need. It just has a limited number of things that we'll be looking at. So we'll be starting with how we can configure authentication in Azure Active Directory. Now, before we start, I want to talk about the difference between authentication, also known as Auth N, and authorization, also known as Auth Z.
So authenticity is a part of who you are. So in other words, if I log in, how can I make sure that it is me logging in and providing support to other people? Authentication should be separate from authorization, which is what you can access. So that's quite different. Now, if we have a look at this authentication, you can see we can use Windows authentication.
If you are on a Windows machine or in a Windows domain, Windows authentication is ideal. However, with Azure, unless you're using a virtual machine on SQL Server, that's not going to happen. SQL Server authentication, that is, using a username and password, But it's these and a few more that I want to talk about in your Active Directory. So if I go into the portal and look for your Active Directory, which is also an acronym for Aid, you can see that we have our tenant. So this is our organization, which has users. And then if I click on the users here, you can see that I've got multiple users setup from previous courses that I have created.
So why might you want to use Azure Active Directory as opposed to SQL Server authentication? It's just a username and password, with SQL Server authentication potentially sent in plain text, whereas this method is much more secure and can use additional methods to ensure it's you. Now, if you are used to using Windows Server, you'll know that there's a Windows Server Active Directory that is different from Azure Active Directory, even though they've got the same Active Directory. However AAD. The Azure version can synchronise with the on-premises Windows Server Active Directory. Now, we have already come across the ActiveDirectory, and that is when we log in.
So if I just sign out and log in again, this is logging into Azure Active Directory. So I'm going to log in after I put in my password. But it may be that I've also asked it to ask me for additional things. And if I go back into Azure ActiveDirectory and have a look at authentication methods, you can see that at the moment it supports things like the Fiddle security key. So, fiddle with the security key; this is hardware that you have on your computer. So you can see that Microsoft authentication is extremely strong. Again, this is strong authentication. It is a phone app, so you can have it on your mobile phone. It also supports text messaging and a temporary access pass.
So again, both of these are considered additional forms of authentication, but the text message is stronger because you need to have your phone to hand for a temporary access pass that is not necessarily as strong as it is for onboarding and recovery. So these things can be configured in your Azure Active Directory. Now, there are three different ways that you can authenticate in.You've got cloud-only identities, federated authentication, and passthrough authentication. So if we start with Federated Authentication, if you want to integrate with an existing federation provider, then you can use Federated Authentication. Assume I had another app and wanted to use it with a federated authentication login to Azure Active Directory.
So this can also be used if you have a sign-in requirement that is not natively supported by Azure Active Directory. There are only cloud-based identities. So this is when you want Azure Active Directory to handle sign-in completely in the cloud. So when you say ActiveDirectory, you take care of it completely. And then there's pass-through authentication. That concludes the list of events. So, if you don't have a sign-in requirement that isn't natively supported by Active Directory, and you want to do something else, perhaps you want to enforce user-level Active Directory security policies during sign-in, perhaps because you don't have integration with an existing federation provider.
So you'll probably hear these three different terms for "cloud-only identities," which is what we're using here. hybrid identities that support cloud authentication, maybe using a password hash or, as we said, a pass-through authentication. And we've also got hybrid identities that support federated authentication. Let's take a look at some of the other ways we can log in.
Well, if you've got an app running on an Azure Virtual Machine, then you can use passwordless authentication. That's basically the equivalent of Windows authentication. You're already there. If you've got an app running on a non-Azure machine that is domain-joined, then you can use managed identities. If you have one that's not joined, then you have certificate possibilities. You can create a certificate, and the app can connect to your Azure data using that. So that's what apps are. If you've got an old app where you can't change the connection string, by the way, you're probably stuck with SQL Server authentication.
However, if you're using an admin tool such as Microsoft SQL Server Management Studio on a computer that is not domain-joined, then you can either use integrated authentication or you can use interactive authentication with a multifactor authentication. So that's what MFA stands for: multifactor authentication. So if you want to create a new user in AAD, then you just go to users within your tenant. So within AED, you can see I've got these users, and you can give a new guest user, a new user, or a bulk invite. You've got plenty of other things—per user, multifactor authentication, etc.
And so for the new user, you need to provide their identity, their groups, and their roles. In other words, what can they do to gain authorization and then sign in and provide additional information? So that can all be done there. Now, I already have some AIDS users, so I don't actually need to create one there. If I did create one, Azure will give you an automatically generated password, by the way.
If I want to delete someone, I can simply click on their name and then click Delete User. This is where you can manage all of your users. So Azure Active Directory authentication So if you look for it in the portal, you can see that you can manage all sorts of things in it. And we're only going to be looking at the tip of the iceberg in this particular course with regard to how it reacts with SQL Server. So, from here, you can add users, groups, and other authentication methods, among other things.
2. 24. create users from Azure AD identities
Now in this video, we're going to create SQL Server users from Azure Active Directory identities. So I'm going to log in with my SQL Server authentication. By the way, this isn't going to work, but I'm just going to show you what's not going to happen. So here we go. And what I need to do is just say "create user." So I need a username. So I'm going to have Jane here. So Janet and I will put this in hard brackets. So there is our user and we'll say from external provider. That is to say, obtain it from Active Directory or Azure. Active directory. Now you can say other things. So, with whatever the default schema is and whatever the default language is, And you can also say a few other things. But in essence, we've got the createuser name of the user from an external provider.
So we don't need to create a password or anything because we already created one when we created the user in Azure Active Directory. So I'm just going to press Execute, and that's fine. So this is how you can create a user from an Active Directory identity in Azure Active Directory identity.And there we go. Execute the work, find an The principle cannot be created. Only connections established with an Active Directory account can create other Active Directory accounts. So the problem is, I logged in with SQL Server authentication. Okay, so let's disconnect that. So simply right-click on this and select disconnect. And let's connect again using Azure Active Directory. So I'll put in my name and connect.
I'm having trouble logging you in. Okay, I haven't got a user for this particular user name. I've got a user for my DP 300 name. So hang on. I need to create a second Active Directory user in SQL. But I can only do that if I already have a first Active Directory user in SQL Server. But how do I create that first one if I can't log in using an Active Directory server? I hope you can see the problem. However, it is resolvable if we go into my SQLServer, not the database, but the server on the portal. And then I went to the Azure Active Directory setting on the server. So I need to set up an admin here. So once I do that, then I can use that admin to log into SSMS and then create that user. So I'm going to select Jane to be my user. So she is going to be an administrator. She's going to have what's called "DB Honor" database roles.
So do be careful who you actually put here. So there we go. And save. Okay, that's done. And you'll notice, incidentally, that there is a support-only Azure IT Directory authentication for this server. So in other words, I could deselect or disable SQL authentication. I won't be doing that. But now let's go back into here. We'll go into our Active Directory here. I'll open up a second instance and go into the Azure Active Directory user so you can see the name of the user.
So now I'm going to log in as Jane, who is the administrator, and I get to sign into my account here. So I'll type in my password and click "Sign In," and there we go. I am now signed in as Jane, and because she is the owner of the database, she can do basically whatever she wants. So select Star; you can have more than one owner, by the way, but you can only have one administrator here in the Azure Active Directory admin.
So let's see. If I try and add a second one that works, you can see it replaces the existing one. And I don't want that to happen, so I'll just set it back. So now we have Jane. I am going to add another user. So I'll copy this here, and I'm going to put Susan in. So create user from external provider. And there we are. command was successfully completed.
So now if I try connecting to this using Azure Active Directory and I look for Susan and I enter her password, you can see that the login failed. Now, this is not a particularly good error message (18456). And if I show you the details, state one when you look it up, it simply means I can't give you any more information and you can spend hours figuring out what the problem is. If you've got that, then here's my possible solution. We click on options and go to connection properties.
And here we've got Connected Database, and the default database is shown. Now, if we change that to the name of the actual database and then connect, we find that we can indeed connect. So it's just a small problem, but boy, is it difficult to actually work out what to do. So if I expand the database, then we can see the DP 300 database. Excellent.
I can expand it, and we can see tables. Excellent. Just like this, I can expand tables, and there are no tables that we can see. Similarly, if I expand views, this is in Jane. We can see unrestricted views. If I expand views here, there are no views here. So what's going on? Well, in this chapter, we have dealt with authentication. So who am I? But we've not dealt with authorization.
What can they see? And at the moment, they can see nothing. And we'll be looking at how to do that with authorization in the next video. Just one final thing. When I logged in initially with my SQL Server authentication, I was an SQL Server administrator. Now we've created another administrator. This is an Azure Active Directory administrator.
So what's the difference between them? Well, both of them can create users based on SQL Server authentication logins. By containing database users, they can both create something similar to what we did with Susan. but based on SQL Server authentication without logins. The only thing this one isn't capable of is The Azure Active Directory admin can create a database user based on the Azure Active Directory users and groups, which is what we have done just here.
3. 25, 113. configure security principals – roles
In the previous video, we solved the authentication problem by adding Susan to my database. But now I can't see any tables. Well, maybe it's just a mistake. Maybe it's just not there graphically. So I'll write, click here, and go to a new query. So this is in my Sunner, and I'll just go to Star and select this one's Lt. Delta sales address from there.
No, the select permission on this object was denied. So not only can I not see it in my tree view, I've got no permissions. Okay, so what can I do? One option is to assign Susan to a role. So if I click on roles here in the database, you can see that there are lots of different types of roles, and it's very important that you know what they mean. DP 300 for the exam, so DB Ownerdatabase Owner This is a fixed database role with most configuration, without all configuration, and most maintenance activities in an Azure SQL database. So some activities may require other permissions. This now includes the database permission to Drop. As you can see, it is extremely important. So I am going to add this member to this role. So what I need to do is alter the DB owner and add this member.
Okay, so that's done. And now, if I refresh this database with Susan's login, you can see that we now have access to all of the databases. And if I run this query now, you can see we can do that. Now if I want to remove her, I drop the member. As a result, DB owners are extremely dangerous. It gives far too many permissions unless you need to do so. So maybe I can add something a bit lower than all of that. And you can see that if I refresh this, all of those tables disappear. So what do the other roles do? Well, there is security administration; you can modify role memberships for custom roles only, and you can manage permissions. OK, that doesn't sound too bad. A big warning on this one because you can elevate your own permissions.
Because you can manage permissions, you can manage your own and therefore add additional permissions for yourself. These bottom two are another one to be cautious of. As a DB Access administrator, you can grant and revoke database access for logins and groups. DB backup operator. This is not applicable to an Azure SQL database. It's there just for compatibility purposes. You can backup the database, but it's managed by instances and virtual machines. DDL admin, you can run a DDL command. So we're talking things like create, alter, and drop. With the DB Data Reader, you can read all data from all user tables and views. That sounds better. So if I add that and let's take a look, I'll have access to everything once more.
So if I select "Star Brilliant," maybe I want to add an extra item. So, now that I have a primary key, I can write and click Edit the top 200 rows, and here we are. And I will add an extra item at the bottom. Everything is read-only. I can't do that because I have been given a data reader. If I wanted to do that, I'd have to be assigned Data Writer as well. So that is the ability to add, delete, or change data in user tables, and all user tables at that.
So now you can see it's not saying "Read Only." A DB deny data writer is the inverse of this DB data writer. And there's also a deny data reader. Now that means that you cannot read old data or add, delete, or change data in old user tables. Assume I didn't want this, so I'll delete this member and remove it from the reader. So now again, I can't do anything that none of the tables have access to. So what you might be wondering is, is there something a bit more granular that you can do? So, for instance, maybe I want somebody to have access to one particular table. Well, that is indeed possible, but not with these fixed database roles. "Public," by the way, is everybody.
So when you get access to the database, you have access to the "public database" role, which gives you absolutely nothing. What's new in Azure SQL Database, and if you're used to them in the on-premises version, are two additional database roles that aren't visible here. That's because they only exist in the master database.
So the master database has a lot of system tables and views and that sort of thing. So if I go into security and roles and database roles, you can see that there are two additional items. DB Manager, you can create or delete databases, so it will connect as the database owner, the DBO, and then, in Login Manager, you can create or delete logins in the master database. So that's the equivalent of the security administrator on an on-premises SQL Server, but this is for the master database. Now you can get a list of all the database roles with the still-existing procedure for the "Help" role.
So SP underscore "Help Roll," and that gives you this list. Now there's also role-based access control in Azure, so that's usually abbreviated to RBAC, or Role-Based Access Control. And if you're going to the IAM, that's the access control. You can add role assignments. And there are free role assignments I particularly want to talk about.
So SQL, DB Contributor, and SQL Server Contributor allow you to manage SQL databases and servers, but you don't actually have access to the contents of the databases themselves. You can't also manage their security-related policies. That would be the SQL Security Manager. So you can manage the security-related policies on Azure for SQL servers and databases, but not actually have access to them. In other words, if you don't have incidental access to this type of thing while deploying your databases, Azure will use a server administrator. So you may hear that term. It's a principle in the Azure SQL database.
Now, if you're wondering when I'm going to be mentioning server-wide login permissions, well, I'm not going to do so with regard to the Azure SQL database because you don't actually have access to the underlying server. So we'll be talking about that when we're looking at managed instances and virtual machines. So this is how you can configure security principles with regard to roles. So change the name of the role, then add or remove the member and the member's name.
So we have DB owner and DB security administrator, which you must pay special attention to and not delegate to anyone else. And then we've got data. Reader: data Writer: denied data Reader deny Data Writer DDL Admin, so running DDL commands requires Access Admin to add or remove database access for logins and groups and then back up the operator, which is not usually necessary in an Azure SQL database.
4. 25, 113. configure security principals - GRANT/REVOKE/DENY
Now, suppose we wanted Susan to have access to one particular table but not all of them, like a data reader would give you.
So let's say we wanted sales to address how we could do this instead of using roles. We could just say, "Well, I want you to grant this particular permission," so we could do that with a grant. So I want to grant select permission to an object and then two columns. So it's this particular object. So I'm granting it to her and to Susan.
So if I run that and notice there are no notables that we can see, no user tables, But now that I've run that, we now have access to the exact one that I've just been added to. So if I go in here, I can now run the select statement, so I can't run this select statement on any other table; it just doesn't work. Select permission was denied for the object. Now, it's a bit confusing because it's not actually true. And I'm looking at the word "denied." How I would write this is "select permission that was not granted."
So how can I say, "Okay, I don't want to grant this permission; I want to do the reverse?" But that would be "revoke," "revoke," "select" on the object. So now, if I do this, if I refresh, I can't see this table anymore, and this execute doesn't work. But what does denying do? "Deny" means definitely not. So let's just go through this again. Grant means yes.
Revolt means to remove the yes, whereas denial means to say no. And a no is preferable to a grant. So if I have, for instance, a security role, maybe I've got a security role where I've got the data reader. So let's add to this data, readers, and that will get me everything. So refresh this. So Susan should have access to everything. If I now say deny this selection, then I have a role that says yes, granted, and I've got a denied role that says no.
So what happens? I can no longer select it, and this time it's true. It hasn't been denied. Now, you'll see this error message when it's been denied or when it's currently in the state of revocation; revocation just means somewhere in the middle. How do I get rid of a denial? I reboot it. So revolt just means no permissions. It does not imply that there are no two permissions. It's basically the same as no comment. So it removes yeses and noes, but only insofar as you have direct permissions.
If you obtained the permission from somewhere else, such as being assigned the role of DB datareader, revocation will not override a role, grants, or any other permissions. So now I've got access to it because, even though I have no comment, I have it through this particular role. So this is the principle of how you can grant, deny, or revoke permissions. In the next video, we're going to have a look at what those permissions can be.
Prepaway's DP-300: Administering Microsoft Azure SQL Solutions video training course for passing certification exams is the only solution which you need.
Pass Microsoft Azure Database DP-300 Exam in First Attempt Guaranteed!
Get 100% Latest Exam Questions, Accurate & Verified Answers As Seen in the Actual Exam!
30 Days Free Updates, Instant Download!
DP-300 Premium Bundle
- Premium File 373 Questions & Answers. Last update: Dec 12, 2024
- Training Course 130 Video Lectures
- Study Guide 672 Pages
Free DP-300 Exam Questions & Microsoft DP-300 Dumps | ||
---|---|---|
Microsoft.certkey.dp-300.v2024-11-06.by.george.118q.ete |
Views: 229
Downloads: 413
|
Size: 2.89 MB
|
Microsoft.test-king.dp-300.v2021-07-30.by.maya.105q.ete |
Views: 303
Downloads: 1458
|
Size: 3.1 MB
|
Microsoft.test-inside.dp-300.v2021-06-08.by.axel.84q.ete |
Views: 264
Downloads: 1466
|
Size: 1.74 MB
|
Microsoft.test4prep.dp-300.v2021-02-26.by.alfie.49q.ete |
Views: 367
Downloads: 1572
|
Size: 1.58 MB
|
Microsoft.pass4sures.dp-300.v2020-09-09.by.scarlett.24q.ete |
Views: 696
Downloads: 1889
|
Size: 517.94 KB
|
Student Feedback
Can View Online Video Courses
Please fill out your email address below in order to view Online Courses.
Registration is Free and Easy, You Simply need to provide an email address.
- Trusted By 1.2M IT Certification Candidates Every Month
- Hundreds Hours of Videos
- Instant download After Registration
A confirmation link will be sent to this email address to verify your login.
Please Log In to view Online Course
Registration is free and easy - just provide your E-mail address.
Click Here to Register