You are employed as a database administrator by a start-up company in Menlo Park, California. The company is developing

a new payments system that is attracting a lot of attention from venture capitalists. Customers will be able to process

credit card transactions remotely and transmit payment information over the internet to your data center. During the

latest round of negotiations for funding, one of the potential backers announced that he or she would be conducting a

due diligence assessment to ensure that the new payments system design has adequate security controls. This potential

backer is particularly concerned about customer privacy issues, as this is a hot topic in California and elsewhere. Your

manager, the Chief Technology Officer (CTO) of the firm, has asked you to make recommendations on several aspects of SQL

Server database security. consider:

Securing the client/server connections over the internet
Authenticating users
Encrypting sensitive information