A fast, accurate, and up-to-date desk reference for information security and privacy practitioners everywhere Information security and privacy roles demand up-to-date knowledge coming from a seemingly countless number of sources, including several certifications—like the CISM, CIPP, and CISSP—legislation and regulations issued by state and national governments, guidance from local and industry organizations, and even international bodies, like the European Union. The Information Security and Privacy Quick Reference: The Essential Handbook for Every CISO, CSO, and Chief Privacy Officer is an updated, convenient, and accurate desk reference for information privacy practitioners who need fast and easy access to the latest guidance, laws, and standards that apply in their field. This book is the most effective resource for information security professionals who need immediate and correct solutions to common and rarely encountered problems. An expert team of writers—Joe Shelley, James Michael Stewart, and the bestselling technical author, Mike Chapple—draw on decades of combined technology and education experience to deliver organized and accessible coverage of: Security and Privacy Foundations Governance, Risk Management, and Compliance Security Architecture and Design Identity and Access Management Data Protection and Privacy Engineering Security and Privacy Incident Management Network Security and Privacy Protections Security Assessment and Testing Endpoint and Device Security Application Security Cryptography Essentials Physical and Environmental Security Legal and Ethical Considerations Threat Intelligence and Cyber Defense Business Continuity and Disaster Recovery Information Security and Privacy Quick Reference is a must-have resource for CISOs, CSOs, Chief Privacy Officers, and other information security and privacy professionals seeking a reliable, accurate, and fast way to answer the questions they encounter at work every single day.

“Buck Woody’s new book will help new and experienced users alike in getting productive with SQL Server 2005 quickly. His special attention to security and performance make this an exceptional reference that is sure to remain relevant for some time.” —Chip Andrews, CISSP, MCDBA, Director of Research and Development Special Ops Security, Inc. “SQL 2005 is the most exciting upgrade to come out of Redmond in years; this book will help you get up and running quickly to take full advantage of it! If you are looking for a book about upgrading to SQL 2005, look no further, this one is all you need. It gives you all you need to take advantage of everything SQL 2005 has to offer, and that is a lot!” —Doug Ellis, Area Technical Manager, Cognos “Buck Woody provides insight into administering SQL Server 2005 that all developers and database administrators will find useful; the book assumes very little knowledge by providing ‘DBA 101’ sections which will not alienate the experienced reader while providing the necessary introduction to topics for those less experienced.” —Doug Holland, Visual C# MVP, Precision Objects “SQL Server 2005 is a landmark release and this title does an awesome job of hitting everything new in SQL 2005. It covers new and improved administration tools, and contains an overview of Notification Services, SQL Server Service Broker, Reporting Services, Integration Services, and Analysis Services. As a result, you’ll be able to work on your own SQL Server 2005 solutions quickly and painlessly. Ultimately, this book provides you with a starting point, a roadmap, and then the tools and knowledge to exploit this powerful new database server to its fullest power. So, start your computer and get ready to learn SQL Server 2005!” —Alexzander N. Nepomnjashiy, SQL Server DBA, NeoSystems NorthWest “A solid introduction to administering SQL 2005. The ‘DBA 101’ sections provide useful tips for the new DBA, good review for the experienced DBA, and the 101 label enables the seasoned DBA to skip basic material and jump ahead to where the REAL action is…. Buck’s conversational writing style makes this an enjoyable and refreshing contrast to the majority of tech books written these days.” —Brad Russell, MCDBA, Visionary Integration Professionals The Complete, Practical, 100% Useful Guide for Every SQL Server 2005 DBA! This book has one goal: to help database administrators and their managers run SQL Server 2005 with maximum efficiency, reliability, and performance. Renowned SQL Server expert Buck Woody covers every facet of database administration, from installation and configuration through maintaining enterprise-class business intelligence environments. If you’re a new SQL Server administrator, Buck will help you master core tasks rapidly—and avoid costly mistakes that only show up when it’s too late. If you’re familiar with previous versions of SQL Server, he’ll get you up-to-speed fast on everything new that matters, from high availability improvements and Integration Services to the SQL Server Management Studio. Whatever your background, you’ll find best practices, real-world scenarios, and easy-to-use automation scripts—all grounded in Buck’s unsurpassed SQL Server knowledge. • Timesaving tips, practical applications, and start-to-finish examples throughout • Understand the key “decision points” at every stage of your SQL Server deployment • Perform day-to-day maintenance more efficiently, from hotfixes to backup/recovery • Automate maintenance tasks with the SQL Server Agent • Establish and audit security on SQL Server 2005 and the underlying Windows Server platform • Monitor and optimize SQL Server: baselining, profiling, index strategies, query refactoring, and more • Maximize availability using replication, clustering, mirroring, and SQL Server’s new online indexing • Leverage important new improvements in Integration Services and Reporting Services • Use Analysis Services to support enterprise-class Business Intelligence deployments • Even set up a simple configuration of SQL Server 2005 for free—legally! Foreword xviii Chapter 1: Installation and Configuration 1 Chapter 2: Architecture and Tools 35 Chapter 3: Maintenance and Automation 99 Chapter 4: Security 173 Chapter 5: Monitoring and Optimization 237 Chapter 6: High Availability 295 Chapter 7: Notification Services and the Service Broker 365 Chapter 8: Integration Services 399 Chapter 9: Reporting Services 451 Chapter 10: Analysis Services 515 Appendix A: Upgrading to SQL Server 2005 581 Index 605

Praise for J.C. Cannon's Privacy "A wonderful exploration of the multifaceted work being done to protect the privacy of users, clients, companies, customers, and everyone in between." —Peter Wayner, author of Translucent Databases "Cannon provides an invaluable map to guide developers through the dark forest created by the collision of cutting-edge software development and personal privacy." —Eric Fredericksen, Sr. Software Engineer, PhD., Foundstone, Inc. "Cannon's book is the most comprehensive work today on privacy for managers and developers. I cannot name any technical areas not covered. No practitioners should miss it." —Ray Lai, Principal Engineer, Sun Microsystems, Inc., co-author of Core Security Patterns and author of J2EE Platform Web Services "Every developer should care deeply about privacy and this is the best book I've read on the subject. Get it, read it, and live it." —Keith Ballinger, Program Manager, Advanced Web Services, Microsoft "J.C. Cannon's book demonstrates that information and communication technology can contribute in a significant way to restoring individual privacy and raises more awareness of the complexity and importance of this societal problem." —Dr. John J. Borking, Former Commissioner and Vice-President of the Dutch Data Protection Authority "If you are planning, implementing, coding, or managing a Privacy campaign in your company or your personal computing, there is no more relevant reference. J.C. Cannon nails the issues." —Rick Kingslan, CISSP, Microsoft MVP-Windows Server: Directory Services and Right Management, West Corporation "It's often been said that security is a process, not a product. Privacy is no different! Unlike other privacy books, J.C. Cannon's book has something valuable to convey to everyone involved in the privacy process, from executives to designers and developers, many of whom aren't thinking about privacy but should be." —Keith Brown, Co-founder of Pluralsight and author of The .NET Developer's Guide to Windows Security and Programming Windows Security "J.C. Cannon's new book on electronic privacy is an important addition to the available works in this emerging field of study and practice. Through many humorous (and occasionally frightening) examples of privacy gone wrong, J.C. helps you better understand how to protect your privacy and how to build privacy awareness into your organization and its development process. Keenly illustrating both the pros and cons of various privacy-enhancing and potentially privacy-invading technologies, J.C.'s analysis is thorough and well-balanced. J.C. also explains many of the legal implications of electronic privacy policies and technologies, providing an invaluable domestic and international view." —Steve Riley, Product Manager, Security Business and Technology Unit, Windows Division, Microsoft "Privacy concerns are pervasive in today's high-tech existence. The issues covered by this book should be among the foremost concerns of developers and technology management alike." —Len Sassaman, Security Architect, Anonymizer, Inc. You're responsible for your customers' private information. If you betray their trust, it can destroy your business. Privacy policies are no longer enough. You must make sure your systems truly protect privacy—and it isn't easy. That's where this book comes in. J.C. Cannon, Microsoft's top privacy technology strategist, covers every facet of protecting customer privacy, both technical and organizational. You'll learn how to systematically build privacy safeguards into any application, Web site, or enterprise system, in any environment, on any platform. You'll discover the best practices for building business infrastructure and processes that protect customer privacy. You'll even learn how to help your customers work with you in protecting their own privacy. Coverage includes How privacy and security relate—and why security isn't enough Understanding your legal obligations to protect privacy Contemporary privacy policies, privacy-invasive technologies, and privacy-enhancing solutions Auditing existing systems to identify privacy problem areas Protecting your organization against privacy intrusions Integrating privacy throughout the development process Developing privacy-aware applications: a complete sample application Building a team to promote customer privacy: staffing, training, evangelization, and quick-response Protecting data and databases via role-based access control Using Digital Rights Management to restrict customer information Privacy from the customer's standpoint: spam avoidance, P3P, and other tools and resources Whether you're a manager, IT professional, developer, or security specialist, this book delivers all the information you need to protect your customers—and your organization. The accompanying CD-ROM provides sample privacy-enabling source code and additional privacy resources for developers and managers. J. C. CANNON, privacy strategist at Microsoft's Corporate Privacy Group, specializes in implementing application technologies that maximize consumer control over privacy and enable developers to create privacy-aware applications. He works closely with Microsoft product groups and external developers to help them build privacy into applications. He also contributed the chapter on privacy to Michael Howard's Writing Secure Code (Microsoft Press 2003). Cannon has spent nearly twenty-five years in software development. © Copyright Pearson Education. All rights reserved.