I am extremely proud to announce what I believe to be the best video course on Windows Server Failover Clustering by my friend and mentor, Microsoft Certified Master and MVP Edwin Sarmiento (b | t). I am very fortunate to be an early subscriber of the course and compared to all other videos/courses I came across in the past, Edwin’s is the best by far. Continue reading “The Best Online Course to Learn Windows Server Failover Cluster”
The BEST Personal Lab Setup Course
In order to learn a topic such as Windows Server Failover Clustering, you must have a complete personal lab. You’re only as good as your lab environment.
My friend and mentor, Microsoft Certified Master and MVP Edwin Sarmiento (b | t) recently published a video course on setting up a personal lab for deploying SQL Server on a Windows Server Failover Cluster.
This course is a preclude to his awesome course on Windows Server Failover Clusters. Continue reading “The BEST Personal Lab Setup Course”
How To Use SQL Server Activity Monitor
Recently I was asked,
If you approached a SQL Server with abnormal usage (slow applications, etc,) and have a limited amount of time, how or what tools would you use to diagnose the issue?
I replied by saying I would execute a great script like sp_whoisactive, by Adam Machanic, or sp_BlitzFirst by Brent Ozar’s team.
He quickly replied, Continue reading “How To Use SQL Server Activity Monitor”
V-40951 – SQL Server 2012 Database Instance DISA STIGs
If you have any additional questions that aren’t addressed in the blog, feel free to contact me. I’d be more than happy to help you out!
V-40951
Title: “SQL Server must support the organizational requirement to employ automated mechanisms for enforcing access restrictions.”
Severity = Medium
Details = Obtain the SQL Server software library installation directory location. Continue reading “V-40951 – SQL Server 2012 Database Instance DISA STIGs”
V-40950 – SQL Server 2012 Database Instance DISA STIGs
If you have any additional questions that aren’t addressed in the blog, feel free to contact me. I’d be more than happy to help you out!
V-40950
Title: “SQL Server must support the employment of automated mechanisms supporting the auditing of the enforcement actions.”
Severity = Medium
Details = Verify that Files and Folders that are part of the SQL Server 2012 Installation have auditing enabled. Continue reading “V-40950 – SQL Server 2012 Database Instance DISA STIGs”
Blog Stats – 2015
My first blog was posted in August of 2015. I didn’t think anyone would ever come to my site but that started to change the more I kept making posts.
Why Post Your Blog Stats?
To me, it’s pure motivation. I love numbers, stats, graphs, etc. So why not? I was a little hesitant to publish in the beginning because of how small my numbers were. It’s like the guy who just started going to lift weights at the gym and is embarrassed that he’s barely bench-pressing the bar next to guys benching 45s. Well, where did they start out? :) Everyone starts at the bottom and works their way up. Continue reading “Blog Stats – 2015”
V-43196 – SQL Server 2012 Database Instance DISA STIGs
If you have any additional questions that aren’t addressed in the blog, feel free to contact me. I’d be more than happy to help you out!
V-43196
Title: “Domain accounts used to manage a SQL Server platform must be different from those used to manage other platforms.”
Severity = Medium
Details = Determine the accounts being used to manage the SQL Server operating system. Determine whether the same accounts are being used to manage other platforms. If the same account is used to manage more than one platform, this is a finding. Continue reading “V-43196 – SQL Server 2012 Database Instance DISA STIGs”
Create Database Audit for INSERT, UPDATE, DELETE in SQL Server
There are a few ways to monitor when someone makes an INSERT, UPDATE or DELETE in SQL Server. One quick and easy way is through SQL Server Audit. Below is a step-by-step way to create that audit:
Expand Security, then right-click Audits and click ‘New Audit…’ Continue reading “Create Database Audit for INSERT, UPDATE, DELETE in SQL Server”
SQL Server Backup Under the SIMPLE Recovery Model
SQL Server Backup Under the SIMPLE Recovery Model
I tend to forget how to do certain database administration tasks if I don’t do them often enough. No matter how *SIMPLE* they might be. :)
Recently at work I saw a production database server that was in the SIMPLE recovery model, that was scheduled for weekly FULL backups and daily DIFFERENTIAL backups. I was a little confused when I first saw this. I wondered, “I thought you cannot do FULL backups in SIMPLE recovery model?” So I checked out Books Online. Continue reading “SQL Server Backup Under the SIMPLE Recovery Model”
Book Review – “Securing SQL Server 3rd Edition” by Denny Cherry
Over the past few years I have been applying DISA STIGs on countless SQL Server environments and never had a “go to” single source that would answer all my SQL Server security-related questions. If not answer, at least guide me in the right direction. That’s why I was super excited when I heard Brent Ozar recommend a book called, “Securing SQL Server” by Denny Cherry’s on his new Office Hours podcast.
I wish I came across Denny Cherry’s “Securing SQL Server” book earlier, but I believe everything happens for a reason so I’m not going to complain. Continue reading “Book Review – “Securing SQL Server 3rd Edition” by Denny Cherry”
Podcast Review – Office Hours with Brent Ozar Unlimited
It takes me roughly 45 minutes to get to work. I don’t like to listen to the radio. Last time I listened to the radio while driving I was blasting Pearl Jam, STP, Nirvana (yes, back in the 90s). Nowadays, I spend my driving time pondering about life, work, etc. How can I get better at work? How can I increase my knowledge of SQL Server? (Yes, I actually do think about that) What blogs, books, videos, podcasts are out there at I have not yet read/heard?
Office Hours Podcast
Luckily for me, Brent Ozar (b | t) has recently launched his “Office Hours” live webinar event as a podcast and it’s available on iTunes. I recently subscribed to it and binge listened to all the episodes over the course of two days. (Yes, I binge listened to a SQL Server podcast on my way to and from work. Don’t hate. :) Continue reading “Podcast Review – Office Hours with Brent Ozar Unlimited”
How to Change Autogrowth in SQL Server 2012
It’s wise to set SQL Server file autogrowth to a set number rather than the default percent. That is because the percent setting can end up growing your file very large. The larger your file, the larger that percent will be. It’s better to set your file autogrowth to a set number and keep an eye on it for proper maintenance. Continue reading “How to Change Autogrowth in SQL Server 2012”
V-40948 – SQL Server 2012 Database Instance DISA STIGs
If you have any additional questions that aren’t addressed in the blog, feel free to contact me. I’d be more than happy to help you out!
V-40948
Title: “Software, applications, and configuration files that are part of, or related to, the SQL Server 2012 installation must be monitored to discover unauthorized changes.”
Severity = High
Details = Verify that files and folders that are part of, or related to, the SQL Server 2012 installation have only the appropriate privileges. Continue reading “V-40948 – SQL Server 2012 Database Instance DISA STIGs”
V-40945 – SQL Server 2012 Database Instance DISA STIGs
If you have any additional questions that aren’t addressed in the blog, feel free to contact me. I’d be more than happy to help you out!
V-40945
Title: “Vendor-supported software and patches must be evaluated and patched against newly found vulnerabilities.”
Severity = High
Details = Check Microsoft’s list of supported SQL Server versions http://www.microsoft.com/sqlserver/en/us/support/support-updates.aspx Continue reading “V-40945 – SQL Server 2012 Database Instance DISA STIGs”
V-40941 – SQL Server 2012 Database Instance DISA STIGs
If you have any additional questions that aren’t addressed in the blog, feel free to contact me. I’d be more than happy to help you out!
V-40941
Title: “SQL Server must have the SQL Server Data Tools (SSDT) software component removed from SQL Server if SSDT is unused.”
Severity = High
Details = Review the list of components and features installed with the database. Using an account with System Administrator privileges, from Command Prompt, open control.exe. Continue reading “V-40941 – SQL Server 2012 Database Instance DISA STIGs”