Administering a SQL Database Infrastructure — Question 130

You administer a Microsoft SQL Server 2016 database that has Trustworthy set to On.
You create a stored procedure that returns database-level information from Dynamic Management Views. You grant User1 access to execute the stored procedure.
You need to ensure that the stored procedure returns the required information when User1 executes the stored procedure.
You need to achieve this goal by granting the minimum permissions required.
What should you do? (Each correct answer presents a complete solution. Choose all that apply.)

Answer options

• A. Create a SQL Server login that has VIEW SERVER STATE permissions. Create an application role and a secured password for the role.
• B. Modify the stored procedure to include the EXECUTE AS OWNER statement. Grant VIEW SERVER STATE permissions to the owner of the stored procedure.
• C. Create a SQL Server login that has VIEW SERVER STATE permissions. Modify the stored procedure to include the EXECUTE AS {newlogin} statement.
• D. Grant the db_owner role on the database to User1.
• E. Grant the sysadmin role on the database to User1.

Correct answer: B, C

Explanation

Option B is correct because using the EXECUTE AS OWNER statement allows the stored procedure to run with the privileges of its owner, while granting the owner VIEW SERVER STATE permissions is a minimal requirement. Option C is also valid as it allows the procedure to execute under a new login with the necessary permissions. Options A, D, and E provide excessive permissions or do not address the requirement effectively.