| The workshop is designed to help you anticipate possible questions, review what you've learned, and begin putting your knowledge into practice. Quiz | 1. | True or False: Telnet is a perfectly acceptable method to securely connect to MySQL from a remote host. | | 2. | Which three pieces of information does MySQL check each time a request is made? | | 3. | What command would you use to grant SELECT, INSERT, and UPDATE privileges to a user named bill on localhost to all tables on the BillDB database? Also, what piece of information is missing from this statement that is recommended for security purposes? |
Answer | 1. | False. The key word is secure, and Telnet does not encrypt data between hosts. Instead, use SSH to securely connect to your server. | | 2. | Who you are, where you are accessing from, and what actions you're allowed to perform. | | 3. | The command is GRANT SELECT, INSERT, UPDATE ON BillDB.* TO bill@localhost; The important missing piece is a password for the user. |
Activities 1. | Think of situations in which you might want to restrict command access at the table level. For example, you wouldn't want the intern-level administrator to have shutdown privileges for the corporate database. | 2. | If you have administrative privileges in MySQL, issue several GRANT commands to create dummy users. It doesn't matter whether the tables and databases you name are actually present. | 3. | Use REVOKE to remove some of the privileges of the users you created in activity 2. |
|