Note: This question is part of a series of questions that use the same or similar answer choices. An answer choice may be correct for more than one question in the series. Each question is independent of the other questions in this series. Information and details provided in a question apply only to that question.
You manage a Microsoft SQL Server environment. You implement Transparent Data Encryption (TDE).
A user will assist in managing TDE.
You need to ensure that the user can view the TDE metadata while following the principle of lease privilege.
Which permission should you grant?
A . DDLAdmin
B . db_datawriter
C . dbcreator
D . dbo
E . View Database State
F . View Server State
G . View Definition
H . sysadmin
Answer: G
Explanation:
Viewing the metadata involved with TDE requires the VIEW DEFINITION permissionon the certificate.
References: https://docs.microsoft.com/en-us/sql/relationaldatabases/security/encryption/transparent-data-encryption-tde
Leave a Reply