WP ref.

SQL or Windows commands Results

1 SELECT name as AuditName, create_date, modify_date, type_desc as AuditType,
is_state_enabled
FROM master.sys.server_audits

1 (b) SELECT a.name as AuditName, a.type_desc as AuditType, s.name as specName,

s.create_date as specCreateDate, s.is_state_enabled, s.modify_date as
specModifyDate, d.audit_action_id, d.audit_action_name, d.class_desc,
d.audited_result
FROM master.sys.server_audits AS a
JOIN master.sys.server_audit_specifications AS s ON a.audit_guid = s.audit_guid
JOIN master.sys.server_audit_specification_details AS d ON
s.server_specification_id = d.server_specification_id

1 (b) SELECT a.audit_id, a.name as AuditName, a.audit_guid, a.type_desc as AuditType,

a.on_failure, a.on_failure_desc, a.queue_delay, s.database_specification_id,
s.name as specName, s.is_state_enabled, s.create_date as specCreateDate,
s.modify_date as specModifyDate, d.audit_action_id, d.audit_action_name, d.class,
d.class_desc, d.major_id, d.minor_id, o.name as ObjectName, o.type_desc as
ObjectType, d.audited_principal_id, d.audited_result, d.is_group
FROM [MyDB].sys.server_audits AS a
JOIN [MyDB].sys.database_audit_specifications AS s ON a.audit_guid = s.audit_guid
JOIN [MyDB].sys.database_audit_specification_details AS d ON
s.database_specification_id = d.database_specification_id
LEFT JOIN [MyDB].sys.all_objects AS o ON d.major_id = o.object_id

2 (a) SELECT a.name as AuditName, a.type_desc as AuditType, s.name as specName,

s.create_date as specCreateDate, s.is_state_enabled, s.modify_date as
specModifyDate, d.audit_action_id, d.audit_action_name, d.class_desc,
d.audited_result
FROM master.sys.server_audits AS a
JOIN master.sys.server_audit_specifications AS s ON a.audit_guid = s.audit_guid
JOIN master.sys.server_audit_specification_details AS d ON
s.server_specification_id = d.server_specification_id

2 (b) SELECT a.name as AuditName, a.type_desc as AuditType, s.name as specName,

s.create_date as specCreateDate, s.is_state_enabled, s.modify_date as
specModifyDate, d.audit_action_id, d.audit_action_name, d.class_desc,
d.audited_result
FROM master.sys.server_audits AS a
JOIN master.sys.server_audit_specifications AS s ON a.audit_guid = s.audit_guid
JOIN master.sys.server_audit_specification_details AS d ON
s.server_specification_id = d.server_specification_id

2 (b) SELECT a.audit_id, a.name as AuditName, a.audit_guid, a.type_desc as AuditType,

a.on_failure, a.on_failure_desc, a.queue_delay, s.database_specification_id,
s.name as specName, s.is_state_enabled, s.create_date as specCreateDate,
s.modify_date as specModifyDate, d.audit_action_id, d.audit_action_name, d.class,
d.class_desc, d.major_id, d.minor_id, o.name as ObjectName, o.type_desc as
ObjectType, d.audited_principal_id, d.audited_result, d.is_group
FROM [MyDB].sys.server_audits AS a
JOIN [MyDB].sys.database_audit_specifications AS s ON a.audit_guid = s.audit_guid
JOIN [MyDB].sys.database_audit_specification_details AS d ON
s.database_specification_id = d.database_specification_id
LEFT JOIN [MyDB].sys.all_objects AS o ON d.major_id = o.object_id

2 (c) SELECT a.audit_id, a.name as AuditName, a.audit_guid, a.type_desc as AuditType,

a.on_failure, a.on_failure_desc, a.queue_delay, s.database_specification_id,
s.name as specName, s.is_state_enabled, s.create_date as specCreateDate,
s.modify_date as specModifyDate, d.audit_action_id, d.audit_action_name, d.class,
d.class_desc, d.major_id, d.minor_id, o.name as ObjectName, o.type_desc as
ObjectType, d.audited_principal_id, d.audited_result, d.is_group
WP ref. SQL or Windows commands Results
FROM [MyDB].sys.server_audits AS a
JOIN [MyDB].sys.database_audit_specifications AS s ON a.audit_guid = s.audit_guid
JOIN [MyDB].sys.database_audit_specification_details AS d ON
s.database_specification_id = d.database_specification_id
LEFT JOIN [MyDB].sys.all_objects AS o ON d.major_id = o.object_id

2 (d) SELECT a.audit_id, a.name as AuditName, a.audit_guid, a.type_desc as AuditType,

a.on_failure, a.on_failure_desc, a.queue_delay, s.database_specification_id,
s.name as specName, s.is_state_enabled, s.create_date as specCreateDate,
s.modify_date as specModifyDate, d.audit_action_id, d.audit_action_name, d.class,
d.class_desc, d.major_id, d.minor_id, o.name as ObjectName, o.type_desc as
ObjectType, d.audited_principal_id, d.audited_result, d.is_group
FROM [MyDB].sys.server_audits AS a
JOIN [MyDB].sys.database_audit_specifications AS s ON a.audit_guid = s.audit_guid
JOIN [MyDB].sys.database_audit_specification_details AS d ON
s.database_specification_id = d.database_specification_id
LEFT JOIN [MyDB].sys.all_objects AS o ON d.major_id = o.object_id

3 SELECT a.name as AuditName, a.type_desc as AuditType, s.name as specName,

s.create_date as specCreateDate, s.is_state_enabled, s.modify_date as
specModifyDate, d.audit_action_id, d.audit_action_name, d.class_desc,
d.audited_result
FROM master.sys.server_audits AS a
JOIN master.sys.server_audit_specifications AS s ON a.audit_guid = s.audit_guid
JOIN master.sys.server_audit_specification_details AS d ON
s.server_specification_id = d.server_specification_id

5 SELECT database_name, name, description, recovery_model, type, expiration_date,

has_backup_checksums, is_password_protected, is_snapshot, is_damaged,
is_copy_only, has_bulk_logged_data, user_name, backup_set_id, media_set_id,
server_name, machine_name
FROM msdb.dbo.backupset

6 (a) SELECT substring(@@Servername,1,40) as ServerName, substring(B.name,1,40) as

Database_Name, ISNULL(STR(ABS(DATEDIFF(day, GetDate(),
MAX(Backup_finish_date)))), 'NEVER') as DaysSinceLastBackup,
ISNULL(Convert(char(10), MAX(backup_finish_date), 101), 'NEVER') as
LastBackupDate, GetDate() as CollectionTimeStamp
FROM master.dbo.sysdatabases B
LEFT OUTER JOIN msdb.dbo.backupset A ON A.database_name collate database_default
= B.name collate database_default
AND A.type = 'D'
GROUP BY B.name
ORDER BY B.name

6 (b) SELECT * FROM msdb.dbo.log_shipping_primary_databases

6 (b) SELECT * FROM msdb.dbo.log_shipping_monitor_history_detail
7 (a) In command prompt (cmd.exe):
cacls "MyPath\*" > WINdir_perms.txt
where MyPath is the root directory of the SQL Server installation.

Or

1. Open Windows Explorer.

2. Navigate to C:\Program Files\Microsoft SQL Server.
3. Right Click on the directory and choose Properties -> Security -> Advanced.
4. Determine whether the “Allow Inheritable Permissions from Parent to Propagate to this Object” checkbox
has been deselected and the permissions appropriately assigned.

7 (b) In command prompt (cmd.exe):

cacls "MyPath\Data\*.mdf" > WINdata_file_perms.txt
WP ref. SQL or Windows commands Results
where MyPath is the root directory of the SQL Server installation.

Or

1. Open Windows Explorer.

2. Navigate to the folder containing the .mdf files.
3. Right Click on the directory and choose Properties -> Security -> Advanced.
4. Determine whether the “Allow Inheritable Permissions from Parent to Propagate to this Object” checkbox
has been deselected and the permissions appropriately assigned.

7 (c) In command prompt (cmd.exe):

cacls "MyPath\Binn\*.ini" > WINini_perms.txt
where MyPath is the root directory of the SQL Server installation.

Or

1. Open Windows Explorer.

2. Navigate to the path containing the Binn folder.
3. Right Click on the directory and choose Properties -> Security -> Advanced.
4. Determine whether the “Allow Inheritable Permissions from Parent to Propagate to this Object” checkbox
has been deselected and the permissions appropriately assigned.

8 (a)  Start -> Run -> cmd.exe: 

net accounts

 Start -> Run -> secpol.msc

8 (b) exec xp_loginconfig

8 (b) SELECT name, type_desc, is_disabled, is_policy_checked, is_expiration_checked
FROM master.sys.sql_logins
8 (b) SELECT dpa.*, dsp.is_disabled
FROM (SELECT name, modify_date,
DATEDIFF(day, modify_date, GETDATE()) AS Parameter_Age
FROM master.sys.sql_logins) dpa
LEFT JOIN master.sys.server_principals dsp on dsp.name=dpa.name;

9 SELECT name, is_published, is_subscribed, is_merge_published, is_distributor

FROM master.sys.databases
10 (a) SELECT *
FROM master.sys.configurations
WHERE configuration_id in (544, 400, 16390, 117, 1568);
10 (b) SELECT name, is_db_chaining_on
FROM master.sys.databases
10 (c) SELECT name, is_trustworthy_on
FROM master.sys.databases

11 (a) SELECT *
FROM master.sys.configurations
WHERE configuration_id in (544, 400, 16390, 117, 1568);

11 (c) select * from master.sys.credentials

12 (a) SELECT *
FROM master.sys.configurations
WHERE configuration_id in (544, 400, 16390, 117, 1568);
WP ref. SQL or Windows commands Results
12 (b) SELECT *
FROM master.sys.remote_logins
12 (b) SELECT A.server_id, A.local_principal_id, A.uses_self_credential, A.remote_name,
A.modify_date, B.name, B.is_linked, B.is_remote_login_enabled,
B.is_rpc_out_enabled, B.is_system, B.is_publisher, B.is_subscriber,
B.is_distributor
FROM sys.linked_logins A
INNER JOIN sys.servers B ON A.server_id = B.server_id

18 (a) SELECT *
FROM master.sys.server_principals

20 SELECT getdate() as ScriptRunDate,

SERVERPROPERTY('MachineName') AS MachineName,
SERVERPROPERTY('ServerName') AS ServerName,
SERVERPROPERTY('InstanceName') AS InstanceName,
SERVERPROPERTY('Edition') AS Edition,
SERVERPROPERTY('EngineEdition') AS EngineEdition,
SERVERPROPERTY('ProductVersion') AS ProductVersion,
SERVERPROPERTY('ProductLevel') AS ProductLevel,
SERVERPROPERTY('IsIntegratedSecurityOnly') AS
IsIntegratedSecurityOnly,
SERVERPROPERTY('IsClustered') AS IsClustered