ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam 70-765 All Questions

View all questions & answers for the 70-765 exam
Go to Exam

Exam 70-765 topic 3 question 54 discussion

Actual exam question from Microsoft's 70-765
Question #: 54
Topic #: 3
[All 70-765 Questions]

You administer a Windows Azure SQL Database database named Human_Resources. The database contains 2 tables named Employees and SalaryDetails. You add two Windows groups as logins for the server:
✑ CORP\Employees - All company employees
✑ CORP\HRAdmins - HR administrators only
✑ HR Administrators are also company employees.
You need to grant users access according to the following requirements:
CORP\Employees should have SELECT access to the Employees table. Only users in CORP\HRAdmins should have SELECT access to the SalaryDetails
table.
✑ Logins are based only on Windows security groups.
What should you do?

  • A. Create a database role called Employees. Add CORP\Employees to the db_datareader role. Add all company employees except HR administrators to the Employees role. Deny SELECT access to the SalaryDetails table to the Employees role.
  • B. Create a database role called HRAdmins. Add all company employees except HR administrators to the db_datareader role. Add all HR administrators to the HRAdmins role. Grant SELECT access to the SalaryDetails table to the HRAdmins role. Deny SELECT access to the SalaryDetails table to the db_datareader role.
  • C. Create two database roles: Employees and HRAdmins. Add all company employees to the Employees role. Add HR administrators to the HRAdmins role. Grant SELECT access to all tables except SalaryDetails to the Employees role. Grant SELECT access to the SalaryDetails table to the HRAdmins role. Deny SELECT access to the SalaryDetails table to the Employees role.
  • D. Create a database role called Employees. Add all HR administrators to the db_datareader role. Add all company employees to the Employees role. Grant SELECT access to all tables except the SalaryDetails table to the Employees role.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
Members of the db_datareader fixed database role can run a SELECT statement against any table or view in the database.
References:
https://technet.microsoft.com/en-us/library/ms188629(v=sql.90).aspx
by axdev at Aug. 3, 2020, 9:31 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
axdev
4 years, 10 months ago
Agree. D is correct. A. Does not give any access to administrators. B. Is trying to modify fixed db_datareader role. C. "Deny" will remove access from administrators as they are also members of the Employees role.
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel