Administering a SQL Database Infrastructure — Question 220
Note: This question is part of a series of questions that use the same or similar answer choices. An answer choice may be correct for more than one question in the series. Each question is independent of the other questions in this series. Information and details provided in a question apply only to that question.
You are the database administrator for a company that hosts Microsoft SQL Server. You manage both on-premises and Microsoft Azure SQL Database environments.
You plan to delegate encryption operations to a user.
You need to grant the user permission to implement cell-level encryption while following the principle of least privilege.
Which permission should you grant?
Answer options
- A. DDLAdmin
- B. db_datawriter
- C. dbcreator
- D. dbo
- E. View Database State
- F. View ServerState
- G. View Definition
- H. sysadmin
Correct answer: G
Explanation
The correct answer is G, View Definition, as it allows the user to view the definitions of database objects and is necessary for implementing cell-level encryption. The other options either grant broader privileges that exceed what is needed or do not provide the required permissions for encryption operations.