Exam 70-762 topic 1 question 116 discussion

Actual exam question from Microsoft's 70-762

Question #: 116
Topic #: 1

Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.
You have a database that contains the following tables: BlogCategory, BlogEntry, ProductReview, Product, and SalesPerson. The tables were created using the following Transact SQL statements:

You must modify the ProductReview Table to meet the following requirements:
The table must reference the ProductID column in the Product table

✑ Existing records in the ProductReview table must not be validated with the Product table.
✑ Deleting records in the Product table must not be allowed if records are referenced by the ProductReview table.
✑ Changes to records in the Product table must propagate to the ProductReview table.
You also have the following database tables: Order, ProductTypes, and SalesHistory. The transact-SQL statements for these tables are not available.
You must modify the Orders table to meet the following requirements:
✑ Create new rows in the table without granting INSERT permissions to the table.
✑ Notify the sales person who places an order whether or not the order was completed.
You must add the following constraints to the SalesHistory table:
✑ a constraint on the SaleID column that allows the field to be used as a record identifier
✑ a constant that uses the ProductID column to reference the Product column of the ProductTypes table
✑ a constraint on the CategoryID column that allows one row with a null value in the column
✑ a constraint that limits the SalePrice column to values greater than four
Finance department users must be able to retrieve data from the SalesHistory table for sales persons where the value of the SalesYTD column is above a certain threshold.
You plan to create a memory-optimized table named SalesOrder. The table must meet the following requirements:
✑ The table must hold 10 million unique sales orders.
✑ The table must use checkpoints to minimize I/O operations and must not use transaction logging.
✑ Data loss is acceptable.
Performance for queries against the SalesOrder table that use WHERE clauses with exact equality operations must be optimized.
You need to modify the environment to meet the requirements for the Orders table.
What should you create?

A. an AFTER UPDATE trigger
B. a user-defined function
C. a stored procedure with output parameters
D. an INSTEAD OF INSERT trigger

Show Suggested Answer

Suggested Answer: D 🗳️
From Question: You must modify the Orders table to meet the following requirements:
✑ Create new rows in the table without granting INSERT permissions to the table.
✑ Notify the sales person who places an order whether or not the order was completed.
References:
https://docs.microsoft.com/en-us/sql/t-sql/statements/create-trigger-transact-sql?view=sql-server-2017

by EdwardWang at Dec. 30, 2019, 8:30 p.m.

Comments

Submit Cancel

EdwardWang

Highly Voted 5 years, 5 months ago

C is correct

upvoted 29 times

...

stm22

Highly Voted 4 years, 11 months ago

D has to be wrong because req was: ✑ Create new rows in the table the instead of insert trigger in D means no rows inserted C is correct amar111 is correct "You can create stored procedure , and write Insert statement inside it . Then give exec permission on stored procedure to the user . when user executes , rows will be inserted to table , even though user does not have insert permission to table"

upvoted 6 times

...

Alex5x

Most Recent 4 years, 8 months ago

Looking at this requirement "Create new rows in the table without granting INSERT permissions to the table", I think the question tests our knowledge about SQL Server Ownership Chaining. Thanks to this security feature we can grant a user EXECUTE rights on a stored procedure (SP) which inserts data to a tabel (T) without giving the user any permissions on the table at all and execute that SP sucessfully. The only requirement is that both the SP and the T have the same owner. As soon as the requirement is met, SQL Server will form an ownership chain when a user tries to execute the stored procedure. More on this here: https://www.mssqltips.com/sqlservertip/6394/understanding-sql-server-ownership-chaining/ The correct answer is C.

upvoted 5 times

HA2020

4 years, 5 months ago

Also, it is considered bad practice to output anything to users from triggers.

upvoted 2 times

...

MML

4 years, 11 months ago

C. a stored procedure with output parameters

upvoted 6 times

...

JohnFan

5 years, 3 months ago

There are two ways to do this: 1. a stored procedure with the RETURN statement 2. an INSTEAD OF INSERT trigger

upvoted 1 times

Froze

5 years, 2 months ago

Using INSTEAD OF INSERT trigger is not a good idea. In such way you are giving EVERYONE ability to INSERT data to the table with such trigger. You don't have any control on that. By using stored procedure you are having control (by granting execute rights). So in my opinion the stored procedure is the only right answer.

upvoted 3 times

Nickname17

5 years, 2 months ago

It requires “ Create new rows in the table without granting INSERT permissions to the table”, isn’t it?

upvoted 1 times

amar111

5 years, 1 month ago

YOu can create stored procedure , and write Insert statement inside it . Then give exec permission on stored procedure to the user . when user executes , rows will be inserted to table , even though user does not have insert permission to table

upvoted 9 times

...