As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 11 years ago.
Can anybody advice me some goods books for sql protection from hackers? Where it will clearly explain how hackers work and how to secure SQL.
For SQL server security this would be good.
the main security issue with SQL is SQL injection
Also look at these resources -
Google Code University - Web Security. - The second video is specific to cross-site scripting and SQL injection attacks
Foundations Security Every Programmer Experts Should Know
W3 School on web security
You can find useful stuff here:
Database Hacker's Handbook
SQL Injection Attack and Defense
SQL Server Security
Implementing Database Security and Auditing
The Rational Guide To SQL Server 2005 Security
SQL Server Security Distilled
Writing Secure Code
And of course the SQL databases benchmarks here, MySQL, SQLServer, Oracle, DB2 and even Sybase.
Related
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 11 years ago.
What are the features that are not available in T-SQL however, they are part of SQL standard. Also, If someone can list nice features that are available in PL/SQL (ORACLE) not currently available in T-SQL (e.g. LAG and LEAD etc.) I know Denali will introduce some of those (like lag and lead) but not sure?
I know there are features (some of those are indeed nice e.g. TOP) available in T-SQL but not part of SQL Standard. I just want to find other side of story.
There really isn't a SQL "standard". However you can get O'Reilly SQL Pocket Guide, it has most of the primary differences between the SQL dialects and is well worth the 15 dollars to get. There are many small differences in between TSQL and Oracle. Too many to list here.
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 11 years ago.
Please recommend me some books and practices for me.
I am quite weak in SQL though not that bad in C# and VB.NET.
Thanks.
Itzik Ben-Gan has written three excellent books on SQL Server 2008 and T-SQL. The best place to start is with 'SQL Server 2008: T-SQL Fundamentals', and then from there to move onto 'Inside SQL Server 2008: T-SQL Querying' and then finally 'Inside SQL Server 2008: T-SQL Programming'.
If I could get all of the developers here to read these three books then I wouldn't need to spend half as much time as I do addressing quality concerns in our databases.
Kalen Delaney's SQL Server 2008 Internals will change the way you use SQL Server, by giving you such a thorough understanding of it all.
SQL: The Complete Reference has been with me since day 1. While the content in this book is excellent (easy-to-read, understand, great examples), I think its greatest strength is the strong appendix -- there isn't a language concept/keyword that isn't listed; its never let me down.
Oh, and its a few years old, so its dirt cheap now, too. :)
Check out this book.It is great for the whole DBMS concepts including SQL
Database Management Systems: A Practical Approach to Design, Implementation, and
Management (Fourth Edition)
by Thomas Connolly and Carolyn Begg
Addison-Wesley, 2005
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 11 years ago.
here's the job description:
Experience with data mapping/extracts tools such as Monarch and VorteXML.
Familiarity with XML documents and schemas.
Minimum 1-3 years of data analysis in SQL Server environment.
Working knowledge of TSQL and SQL Server 2000 tools such as Enterprise Manager, SQL Query Analyzer, Profiler, DTS and BCP.
Working knowledge of SQL Server Reporting Services design and administration.
BSCS or other technical degree.
Healthcare background strongly preferred.
Strong organizational and communication skills.
Strong analytical thinking, troubleshooting and ability to manage multiple, concurrent projects.
Ability to meet deadlines while working in a fast-paced environment.
what is an XML schema? ive extracted data programmatically from XML files, but i dont understand what they mean by schema?
data analysis in SQL server environment - does this just mean knowing how to do joins and select statements?
SSRS (design and administration) - can someone please get me started on some basic tutorials where i can learn this?
what is Monarch and VorteXML and where can i learn the applications?
If you don't know those technologies and what they're talking about, you probably shouldn't be applying. The same goes for any job, whether or not it's in the IT field.
Are you just planning to answer the questions and then spend about two weeks stressing your nut off once you get the job. W3Schools will give you a start with schema (.xsd files). Sql server documentation will help you with the rest (patterns and practices on microsoft site is a good read).
You've got to understand that the interviewer probably has some ideas about the answers they want to hear too.
Good luck :)
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
Can I use free SQLServer Express in my commercial windows project? Are there any license issues? How many nodes it supports in multiuser environment ?
Quick answer is Yes. I have heard of MS themselves say it is OK. See this MSDN forums thread.
SQL Server Express is distributed for free and can be used reliably in any small business application.
The Wikipedia article is quite good at highlighting the key drawbacks of using an Express edition compared to a commercial SQL Server instance. Most notable perhaps is the lack of a SQL Server Agent process, which is usually used for job scheduling.
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 9 years ago.
I don't mean "Basic SQL", but strongly the specs and the difference between the specs and the implementations between great databases (like SQL Server, Oracle, etc).
(source: amazon.com)
SQL In a Nutshell by O'Reilly and Associates. It covers all 5 major SQL Dialects, the differences between them, and does that for each function/feature listed. (ANSI SQL99, Oracle, MySql, Postgres, and SQL Server).
The number one way of learning the differences is to work in the various databases.
SQL Server, Oracle, and MySql all offer free (express) editions. Also, if you want to step up a bit you can get the developer version of SQL Server for about $50.
Oracle:
http://www.oracle.com/technology/products/database/xe/index.html
SQL Server
http://www.microsoft.com/express/sql/default.aspx
MySQL
http://dev.mysql.com/downloads/
Simple things to do:
create a database
create a table
do simple insert/update/delete (CRUD) operations
do inner / outer joins.
http://sqlzoo.net/
PostgreSQL the world's more advanced opensource and more ANSI SQL-compliant database
Various RDBMS ANSI SQL-conformance: http://troels.arvin.dk/db/rdbms/