Azure SQL Database Encryption


Overview/Description
Target Audience
Prerequisites
Expected Duration
Lesson Objectives
Course Number
Expertise Level


Overview/Description
Transparent Data Encryption (TDE) performs real-time I/O encryption of data and can be used to secure SQL servers and Azure SQL databases. This course covers how to implement TDE, as well as other encryption solutions such as Always Encrypted and Cell-level encryption. This course is one of a series of courses that cover the objectives for the 70-765: Provisioning SQL Databases exam.

Target Audience
SQL Server database administrators and application developers

Prerequisites
none

Expected Duration (hours)
1.6

Lesson Objectives

Azure SQL Database Encryption

  • start the course
  • provide a general overview of transparent data encryption
  • demonstrate how to use transparent data encryption
  • demonstrate how to use transparent data encryption commands and functions
  • describe the TDE catalog views in SQL Server 2016
  • describe the TDE dynamic management views in SQL Server 2016
  • describe considerations when implementing TDE
  • demonstrate how to enable TDE using the Azure portal
  • demonstrate how to enable and disable TDE using PowerShell
  • demonstrate how to disable TDE using the Azure portal
  • describe how to move a TDE protected database
  • describe the Always Encrypted database engine feature
  • recognize when to use the Always Encrypted feature in SQL Server 2016
  • configure Always Encrypted in SQL Server 2016
  • describe the available database permissions in SQL Server 2016
  • understand the encryption key hierarchy in SQL Server 2016
  • recognize when to use cell-level encryption
  • describe the security permissions required for cell-level encryption
  • demonstrate how to encrypt data using simple symmetric encryption
  • configure encryption for Azure SQL Databases

    • Course Number:
    df_sqlp_a06_it_enus

    Expertise Level
    Intermediate