You have implemented a database application that uses a SQL Server database. The application has the following characteristics:

* The application uses LINQ to SQL to generate commands to retrieve data.
* The application uses LINQ to SQL to call configured stored procedures to update data.

The application uses Windows Authentication to connect to the database.
Your data administrator grants the following SQL Server permissions:

* All users are given permissions to read and write to tables used by the application.
* All users are given permission to execute stored procedures used by the application.

You need to identify violations of the principle of least privilege.
Which practice do you identify?

 Posted by Rajkatie on 10/31/2012 | Category: ADO.NET Interview questions | Views: 2777 | Points: 40
Select from following answers:
  1. All users do not need permissions to write to tables.
  2. All users do not need permissions to read from tables.
  3. The application should use SQL Server logons to access the database.
  4. All Above

Show Correct Answer


Source: Measureup.com | | Alert Moderator 

Comments or Responses

Login to post response