...Course 10774A: Querying Microsoft SQL Server 2012 Length: 5 Days Prerequisites: Before attending this course, students must have: Working knowledge of relational databases. Basic knowledge of the Microsoft Windows operating system and its core functionality. Before attending this course, students should have: Basic understanding of virtualization technology (Classroom labs utilize virtual machines) To help you prepare for this class, review the following resources: Book: T-SQL Fundamentals for Microsoft SQL Server 2012 and SQL Azure MCTS Self Paced Training Kit 70-461 About this Course This 5-day instructor led course provides students with the technical skills required to write basic Transact-SQL queries for Microsoft SQL Server 2012. This course is the foundation for all SQL Server-related disciplines; namely, Database Administration, Database Development and Business Intelligence. This course helps people prepare for exam 70-461. All the labs for this course can be performed using the provided virtual machines. However, if you have a Microsoft Windows Azure account and the classroom virtual machines connect to the internet you may be able to connect to your Windows Azure server and database from the classroom. Many of the labs in this course are enabled for you to perform the lab while connected to your own Windows Azure database in the cloud. Your instructor should be able to provide a current list of Windows Azure enabled labs. To acquire a trial Windows Azure account click...
Words: 1666 - Pages: 7
...S. Sudarshan Day / Date Tue 21 May 2013 09:00 – 10:30 Inaugural remarks (15 mins) Relational Model, SQL Part 1: Relations and Relational Algebra, Basic SQL, Joins, Set operations (Chapters 1, 2 and 3) SQL Part 2: Aggregate functions, Nested Subqueries, Database modification (Chapters 3 and 4) Tea Break 11:00 – 13:00 Session Continues.. (last 30 min discussion/quiz) Lunch 14:00-17:00 Tea Break 5:15-6:00 10:30 – 11:00 13:00 – 14:00 Lab 1: Basic SQL Installing, administering and using PostgreSQL and pgAdmin3; Basic SQL queries Lab 2: Intermediate SQL Aggregation, nested subqueries, database modification 17:0017:15 No Session Wed 22 May 2013 Session 10:30 – Continues.. 11:00 (last 30 min discussion/quiz) 13:00– 14:00 17:0017:15 Linux System Admin. (IITB CSE Sysadms) Thu 23 May 2013 Fri 24 May 2013 Sat 25 May 2013 Sun 26 May 2013 SQL Part 3: Session Outerjoins, Transactions, Integrity 10:30 – Continues.. constraints, Triggers, 11:00 (last 30 min Authorization, JDBC discussion/quiz) (Chapters 4 and 5) ER Design (Chapter 7) Session 10:30 – Continues.. 11:00 (last 30 min discussion/quiz) 10:30 – 11:00 Session Continues.. (last 30 min discussion/quiz) 13:00 – 14:00 Lab 3: Advanced SQL Outerjoins, DDL: integrity constraints, authorization Lab 4: ER Design Tutorial (Last 45 mins for solutions discussion, broadcast) Lab 5: Normalization Tutorial (Last 45 mins for solutions discussion, broadcast) 17:0017:15 No Session ...
Words: 591 - Pages: 3
...first of many practices in this course. Practices are intended to cover all topics that are presented in the corresponding lesson. Note the following location for the lab files: E:\labs\SQL1\labs If you are asked to save any lab files, save them at this location. To start ISQL*Plus, start your browser. You need to enter a URL to access iSQL*Plus. The URL requires the host name, which your instructor will provide. Enter the following command, replacing the host name with the value that your instructor provides: http://<HOSTNAME:5561>/isqlplus In any practice, there may be exercises that are prefaced with the phrases “If you have time” or “If you want an extra challenge.” Work on these exercises only if you have completed all other exercises in the allocated time and would like a further challenge to your skills. Perform the practices slowly and precisely. You can experiment with saving and running command files. If you have any questions at any time, ask your instructor. Practice 1 Test your knowledge: 1. Initiate an iSQL*Plus session using the user ID and password that are provided by the instructor. 2. iSQL*Plus commands access the database. True/False 3. The following SELECT statement executes successfully: SELECT last_name, job_id, salary AS Sal FROM employees; True/False 4. The following SELECT statement executes successfully: SELECT * FROM job_grades; True/False 5. There are four coding errors in the following statement...
Words: 520 - Pages: 3
...Lab #8 – Assessment Worksheet Performing a Web Site and Database Attack by Exploiting Identified Vulnerabilities Course Name and Number: Student Name: Instructor Name: Lab Due Date: Overview In this lab, you performed simple tests to verify a cross-site scripting (XSS) exploit and an SQL injection attack using the Damn Vulnerable Web Application (DVWA), a tool left intentionally vulnerable to aid security professionals in learning about Web security. You used a Web browser and some simple command strings to identify the IP target host and its known vulnerabilities, and then attacked the Web application and Web server using cross-site scripting (XSS) and SQL injection to exploit the sample Web application running on that server. Lab Assessment Questions & Answers 1. Why is it critical to perform a penetration test on a Web application and a Web server prior to production implementation? To make sure no one can penetrate your web application before you put it in a live situation. 2. What is a cross-site scripting attack? Explain in your own words. Cross-site scripting is a type of computer security vulnerability typically found in web applications that enables attacks to inject client side script into web pages viewed by others 3. What is a reflective cross-site scripting attack? A reflective attack a type of computer security vulnerability it involves the web application dynamically generating a response using...
Words: 442 - Pages: 2
...Week 3 Lab Part 1: Web and Database Attacks & Malware and Malicious Software Learning Objectives and Outcomes Upon completing this lab, students will be able to: * Identify web application and web server backend database vulnerabilities as viable attack vectors * Develop an attack plan to compromise and exploit a web site using cross-site scripting (XSS) against sample vulnerable web applications * Conduct a manual Cross-site Scripting (XSS) attack against sample vulnerable web applications * Perform SQL injection attacks against sample vulnerable web applications with e-commerce data entry fields * Mitigate known web application and web server vulnerabilities with security countermeasures to eliminate risk from compromise and exploitation Overview This Lab will demonstrate a Cross-site Scripting (XSS) exploit and an SQL Injection attack on the test bed web application and web server using the Damn Vulnerable Web App (DVWA) loaded on an Apache Web Server on “TargetUbuntu01” Linux VM server. They will first identify the IP target host, identify known vulnerabilities and exploits, and then attack the web application and web server using XSS and an SQL Injection to exploit the web application using a web browser and some simple command strings. Assignment Requirements Watch the Demo Lab in Learning Space Unit 5 and then answer questions 1-10 below. Lab Assessment Questions & Answers 1. Why is it critical...
Words: 1054 - Pages: 5
...com I. OBJECTIVES 1. Understand and become familiar with the SQL Analytical Extensions. 2. Learn to create, use, and maintain materialized views, and their functional equivalents. 3. Effectively apply Advanced Aggregate SQL Operations, such as GROUP BY ROLLUP to solve business intelligence questions and analytical processing problems. II. PARTS LIST 1. EDUPE-VT Omnymbus Virtual Machine Environment (https://devry.edupe.net:9090/) and/or: 2. MySQL (dev.mysql.com/downloads) III. PROCEDURE Scenario and Summary For the lab this week, we are going to look at how the ROLLUP and CUBE extensions available in SQL can be used to create query result sets that have more than one dimension to them. Both of these extensions are used in conjunction with the GROUP BY clause and allow for a much broader look at the data. To record your work for this lab use the lab report found at the end of this document. As in your previous labs, you will need to copy/paste your SQL statements and results into this document. Upon completion and prior to the due date, submit this document to the appropriate Dropbox. iLAB STEPS STEP 1: Setting Up For this lab you will be using a different user and set of tables than you have used so far for other labs. To set up your instance you will need to do the following. The first thing you will do for this lab is to run the following SQL Script. Begin by creating the DBM449Lab6 Schema, and creating any user accounts and...
Words: 3288 - Pages: 14
...com I. OBJECTIVES 1. Understand and become familiar with the SQL Analytical Extensions. 2. Learn to create, use, and maintain materialized views, and their functional equivalents. 3. Effectively apply Advanced Aggregate SQL Operations, such as GROUP BY ROLLUP to solve business intelligence questions and analytical processing problems. II. PARTS LIST 1. EDUPE-VT Omnymbus Virtual Machine Environment (https://devry.edupe.net:9090/) and/or: 2. MySQL (dev.mysql.com/downloads) III. PROCEDURE Scenario and Summary For the lab this week, we are going to look at how the ROLLUP and CUBE extensions available in SQL can be used to create query result sets that have more than one dimension to them. Both of these extensions are used in conjunction with the GROUP BY clause and allow for a much broader look at the data. To record your work for this lab use the lab report found at the end of this document. As in your previous labs, you will need to copy/paste your SQL statements and results into this document. Upon completion and prior to the due date, submit this document to the appropriate Dropbox. iLAB STEPS STEP 1: Setting Up For this lab you will be using a different user and set of tables than you have used so far for other labs. To set up your instance you will need to do the following. The first thing you will do for this lab is to run the following SQL Script. Begin by creating the DBM449Lab6 Schema, and creating any user accounts and...
Words: 3288 - Pages: 14
...Assessment Worksheet 97 LAB #7 – ASSESSMENT WORKSHEET Perform a Website and Database Attack by Exploiting Identified Vulnerabilities Course Name and Number: MNE 310 Student Name: Carl Sizemore Instructor Name: Williams Lab Due Date: 8/10/2014 Overview In this lab, you verified and performed a cross-site scripting (XSS) exploit and an SQL injection attack on the test bed Web application and Web server using the Damn Vulnerable Web Application (DVWA) found on the TargetUbuntu01 Linux VM server. You first identified the IP target host, identified known vulnerabilities and exploits, and then attacked the Web application and Web server using XSS and an SQL injection to exploit the Web application using a Web browser and some simple command strings. Lab Assessment Questions & Answers 1. Why is it critical to perform a penetration test on a Web application and a Web server prior to production 7 Perform a Website and Database Attack by Exploiting Identified Vulnerabilities implementation? Penetration testing highlights what a real-world hacker might see if he or she targeted the given organization. The Penetraton test will give a security view in operational context and potential flaws can be discovered so that managment can make decisions about whether to allocated security resources to fix any discover problems. 2. What is a cross-site scripting attack? Explain in your own words. Cross-site scripting enables attackers to inject client-side...
Words: 491 - Pages: 2
...principles to fully utilize the organizational role of information technology. This course provides core skills of data management for the relational database management systems. This course will review the theoretical concepts and applications of a modern relational database management system. In addition to a basic theoretical presentation of the database design concepts, students will be required to design and develop a database application using a modern fourth generation language system. This course teaches students data modeling and design techniques and how to transform data models into database designs. Another basic component of this course is the use of SQL – Structured Query Language. Students will also learn how to create databases, modify databases, and develop queries using SQL. In addition, this course also teaches the management of database resources in an organization. Course Learning...
Words: 1374 - Pages: 6
...Jaye Weinberg Lab # 4 Assessment Worksheet 1. What is a PHP Remote File Include (RFI) attack, and why are these prevalent in today's Internet world? RFI stands for Remote File Inclusion that allows the attacker to upload a custom coded/malicious file on a website or server using a script. This vulnerability exploits the poor validation checks in websites and can eventually lead to code execution on server or code execution on website (XSS attack using javascript). RFI is a common vulnerability and all website hacking is not entirely focused on SQL injection. Using RFI you can deface the websites, get access to the server and do almost anything. What makes it more dangerous is that you only need to have your common sense and basic knowledge of PHP to execute this one. 2. What country is the top host of SQL Injection and SQL Slammer infections? Why can't the US Government do anything to prevent these injection attacks and infections? The U.S. is the top host of SQL Injection and SQL Slammer infections. Cybercriminals have made vast improvements to their infrastructure over the last few years. Its expansion is thousands of websites vulnerable to SQL Injections. Malicious code writers have exploited these vulnerabilities to distribute malware so quick that the government cannot contain such a large quantity. 3. What does it mean to have a policy of Nondisclosure in an organization? It is a contract where the parties agree not to disclose information covered by the agreement...
Words: 319 - Pages: 2
...Lab Validation Report MemSQL’s Distributed In-‐Memory Database Real-‐time Analytics for the Big Data Revolution By Tony Palmer, Senior ESG Lab Analyst August 2013 © 2013 by The Enterprise Strategy Group, Inc. All Rights Reserved. Lab Validation: MemSQL’s In-‐Memory Distributed Database 2 Contents Introduction ................................................................................................................................................ 3 Background .............................................................................................................................................................. 3 MemSQL ...............................................
Words: 5195 - Pages: 21
...CIS 336 Entire Course For more classes visit www.snaptutorial.com CIS 336 Entire Course: Devry University --------------------------------------------------------------------- CIS 336 Week 1 iLab 1 Devry University For more classes visit www.snaptutorial.com L A B O V E R V I E W Scenario/Summary This lab will introduce you to the processes involved in defining one of the key components of a data model; the relationship diagram (RD). In this lab, you will draw a relationship diagram for two of the steps shown. Keep in mind when you are trying to decide which side of the relationship should be the "one" side and which should be the "many" that you must first decide which side has the primary key, or unique identifier. Once you have decided the primary key of the relationship, you have identified the "one" side of the relationship. Note that for an RD, the foreign key "many" side of the relationship points to the primary key "one" side. The "one" side should have the arrowhead point of the connecting line. This is different than an entity/relationship diagram (ERD) that we will draw next week, where the "many" side has crow's feet. This will familiarize you with how to set up MS Visio to draw database diagrams. Steps 1 - 3 below use the Customer, Order, and Employee tables of a simplified Order Entry database. The Customer table records clients who have placed orders. The Order table contains the basic facts about customer orders. The Employee table contains facts...
Words: 3439 - Pages: 14
...New Horizons Computer Learning Center of Cincinnati OFFICIAL MICROSOFT LEARNING PRODUCT 10174A Lab Instructions and Lab Answer Key: Configuring and Administering Microsoft® SharePoint® 2010 New Horizons Computer Learning Center of Cincinnati Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, email address, logo, person, place or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft® Corporation. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. The names...
Words: 74170 - Pages: 297
...DD1334 Databasteknik Laboration 1: SQL Basics Andreas Gustafsson, Hedvig Kjellström, Michael Minock and John Folkesson The purpose of Laboration 1 is to learn how to retrieve rmation stored in relational databases. You will learn 1) how to formulate SQL queries and understand how they apply to the schema and how they are executed; 2) how constraints effect insertions and deletions; 3) about the basics of view, transactions, indices and triggers. The recommended reading for Laboration 1 is that of Lectures 1-7 , particularly Chap 6-8. Laboration Come prepared to the review session! Only one try is allowed – if you fail, you are not allowed to try again until the next lab session. The review will take 10 minutes or less, so have all papers in order. To pass you should have Completed Task 1 with at least 9 of the 10 queries right, completed Task 2 and able to explain why certain actions give errors and other do not, also 8 of the 9 steps should be documented showing you executed them correctly, Task 3 the output file should show that the trigger works as it should. The grade is A if passed when the review when due. See the Lab Grading page in bilda contents for the due dates for the labs and the grading of late assignments. Laboration 1 is intended to take 30h to complete. Computing Environment In this assignment you will use Nestor 2.0. Nestor is KTH’s logic engine (computer) dedicated to hold the databases used in this and other similar courses. Nestor is aptly named after...
Words: 2303 - Pages: 10
...SQL Server Reporting Services Lab 1 TASKS IN THIS LAB To create a report server project 2 To create a new report definition file 2 To set up a connection 2 To define a Transact-SQL query for report data 3 To add a Table data region and fields to a report layout 4 Preview the report you have built to this point 5 Format the date field 6 Format the currency field 6 Format the header rows and table columns 7 Group data in a report 7 Add totals to the report 8 Add a grand total to the report 9 In this lab we create a basic table report based on the AdventureWorks2014 database. To create the report we use the Report designer tool with characteristics and functionality universal among products from multiple reporting applications vendors. PART I - CREATING A REPORT PROJECT Create your first report 1. Start SQL Server Data Tools. 2. On the File menu, point to New, and then click Project. 3. Select the Report Server Project. 4. For Name, type BasicReport. For location, you can leave in the default location or you can choose a location of your liking. 5. Click OK to create the project. Create a new report definition file 1. In Solution Explorer, right-click Reports, point to Add, and click New Item. 2. In the Add New Item dialog box, click Report. 3. For Name, (at the bottom of the dialog box) type SalesOrders.rdl and then click Add. The Report Designer opens and displays the new .rdl file in Design...
Words: 2275 - Pages: 10