Transparent Data Encryption (TDE) performs real-time I/O encryption of data and can be used to secure SQL servers and Azure SQL databases. This course covers how to implement TDE, as well as other encryption solutions such as Always Encrypted and Cell-level encryption. This course is one of a series of courses that cover the objectives for the 70-765: Provisioning SQL Databases exam.
Learning Objectives
Transparent Data Encryption
- start the course
- provide a general overview of transparent data encryption
- demonstrate how to use transparent data encryption
- demonstrate how to use transparent data encryption commands and functions
- describe the TDE catalog views in SQL Server 2016
- describe the TDE dynamic management views in SQL Server 2016
- describe considerations when implementing TDE
Implementing Transparent Data Encryptions
- demonstrate how to enable TDE using the Azure portal
- demonstrate how to enable and disable TDE using PowerShell
- demonstrate how to disable TDE using the Azure portal
- describe how to move a TDE protected database
Always Encrypted for Azure SQL Database
- describe the Always Encrypted database engine feature
- recognize when to use the Always Encrypted feature in SQL Server 2016
- configure Always Encrypted in SQL Server 2016
- describe the available database permissions in SQL Server 2016
Cell-level Encryption
- understand the encryption key hierarchy in SQL Server 2016
- recognize when to use cell-level encryption
- describe the security permissions required for cell-level encryption
- demonstrate how to encrypt data using simple symmetric encryption
Practice: Configuring Encryption
- configure encryption for Azure SQL Databases