Hacking and Securing SQL Server - english - virtual



Kursarrangør: Glasspaper AS
Sted: Nettkurs / Nettstudie
Hele landet
Type:Nettkurs og nettstudie
Studie / yrkesutdanning
Undervisningstid: kl 09:00 - 16:00
Varighet: 5 days
Pris: 39.900
Neste kurs: 28.09.2026 | Vis alle kursdatoer

We provide virtual course about Hacking and Securing SQL Server in english. During this 5-day course of super intensive training you will analyze, learn, and practice critical tasks for implementing highly secure SQL Server infrastructure.

You´ll be able to:
• Get the highest quality and unique learning experience - the class is limited to 16 participants by default
• Get the opportunity to interact with our world-renowned Experts
• Go through CQURE’s custom lab exercises and practice them after the course
• Receive a lifelong certification after completing the course

Why this course:
This course is a must-go for database administrators, IT professionals and security officers dealing with database servers. Delivered by highly skilled SQL and database enthusiast with practical knowledge, multiple successful projects, many years of real-world experience and great teaching skills.

The course has a form of intense workshop where we make a deep dive inside the SQL Server. This is an international Live Virtual Class so you will be able to share the learning experience with a group of IT pros from around the world without leaving your home or office!

Course outline:
Module 1 - Overview of SQL Server Security (SQL Server 2022 & 2025):
• New security features in SQL Server 2022 and 2025, including enhanced encryption and cloud integration
• SQL Server architecture and how it impacts security
• Integration with Azure SQL Database, Azure Defender, and Azure Active Directory for improved security in hybrid environments

Module 2 - Common Threats & Best Practices for Data Protection:
• Identifying common SQL Server vulnerabilities (SQL injection, unauthorized access, misconfigurations)
• Best practices for protecting SQL Server, including encryption, secure authentication, and role-based access control

Module 3 - Setting Up SQL Server Environment:
• Installation of SQL Server 2022, ensuring secure configuration
• Configuring firewalls and ports for secure SQL Server access
• Testing connectivity using different protocols (TCP/IP, Named Pipes) and validating network security

Module 4 - Securing the Operating System & Network:
• Hardening Windows Server to protect SQL Server from external threats
• Configuring secure file-sharing, system permissions, and Windows Defender
• Setting up firewall rules and encrypted communications to prevent unauthorized access

Module 5 - User Account and Role Management:
• Creating and managing SQL Server logins, using Windows Authentication vs. SQL Authentication
• Integrating Azure Active Directory Authentication for centralized identity management
• Role-based security and assigning permissions based on job functions to implement the Principle of Least Privilege

Module 6 - Managing Permissions and Data Access:
• Implementing row-level security to restrict data access based on user context
• Using Dynamic Data Masking to obfuscate sensitive information from unauthorized users
• Configuring Custom Permissions and testing access controls with different user roles

Module 7 - Data Encryption in SQL Server:
• Always Encrypted for encrypting sensitive data both at rest and in transit
• Transparent Database Encryption (TDE) for protecting entire databases and backups
• Column-Level Encryption and implementing Dynamic Data Masking to secure sensitive columns
• Best practices for End-to-End Encryption to secure data throughout its lifecycle

Module 8 - Backup Security:
• Best practices for securing backup files, including encryption and managing backup certificates
• Creating encrypted backups and testing backup and restore procedures to ensure data security

Module 9 - Auditing SQL Server Access and Data Usage:
• Configuring SQL Server Auditing to log access attempts, data changes, and administrative actions
• Using Extended Events to monitor SQL Server activities and detect unusual or suspicious behavior
• Implementing auditing for compliance with regulations like GDPR, PCI-DSS, and HIPAA

Module 10 - Security Monitoring Tools:
• Integrating Azure Defender for SQL Server to monitor vulnerabilities and threats in SQL Server environments
• Using Azure Sentinel for advanced threat detection and security information management (SIEM)
• Setting up monitoring alerts and integrating SQL Server logs with SIEM systems for real-time threat analysis

Module 11 - Securing SQL Server Services:
• Securing SQL Server Agent, Analysis Services (SSAS), and Reporting Services (SSRS) by controlling access to these services and jobs.
• Implementing policies to ensure that only authorized users have access to critical SQL Server services and data
• Securing Azure SQL Database by configuring firewall settings, virtual networks, and managing secure access through Private Endpoints.

Module 12 - Protecting SQL Server Instances from External Attacks:
• Techniques to prevent SQL injection and other common attacks by using parameterized queries and stored procedures
• Securing SQL Server against Denial of Service (DoS) attacks by configuring server resources and network isolation
• Ensuring secure communication by using SSL/TLS for data in transit and encryption for communication channels between clients and SQL Server instances.

Module 13 - Simulating Attacks and Testing Responses:
• Simulating real-world attacks, such as SQL injection, unauthorized access attempts, and Denial of Service attacks
• Testing SQL Server defenses against these simulated attacks to evaluate security configurations and response mechanisms
• Reviewing SQL Server’s ability to log attacks and respond appropriately to minimize damage

Module 14 - Managing Certificates:
• Configuring SSL/TLS certificates for encrypted connections between SQL Server and clients
• Managing certificates for backup encryption and securing data exchanges
• Ensuring the integrity of certificates used for authentication and encryption across the SQL Server infrastructure

Target audience:
This is an advanced course on Hacking and Securing SQL Server for Cybersecurity Specialists. It´s suitable for: Database administrators, infrastructure architects, security professionals, system engineers, advanced database developer, IT professionals, security consultants and other people responsible for implementing databases security.

Language:
• English course material, english speaking instructor

Course material:
The course fee includes lab exercises, course materials and certification

Certification:
After finishing the course, you will be granted a CQURE Certificate of Completion. Please note that after completing the course you will also be eligible for CPE points!